This article refers to the HP Folio 12-2000Â running Windows 7 with BitLocker.
Resuming the Folio 13 from hibernation will result in BitLocker detecting a change in the system boot information and asking for the recovery key.
Windows BitLocker Drive Encryption Information The system boot information has changed since BitLocker was enabled. You must supply a BitLocker recovery password to start this system. Confirm that the boot changes to this system are authorized. If the changes to the boot system are trusted, then disable and re-enable BitLocker. This will reset BitLocker to use the new boot information. Otherwise, restore the system boot information. ENTER=Continue
I have found a workaround by disabling the â€œInternal network device bootâ€ option within the BIOS. I informed HP about the issue and the workaround and was told that they had previously received a report of this issue and their engineers are working on a fix that will probably require a BIOS update.
If BitLocker is already in use then go to â€œControl Panelâ€ -> â€œSystem and Securityâ€ -> â€œBitLocker Drive Encryptionâ€ and â€œSuspend Protectionâ€ (Figure 1). Update the BIOS and follow the same steps except that this time you will select â€œResume Protectionâ€ instead of Suspend.
Enter BIOS by pressing F10 during boot and Select â€œSystem Configurationâ€ using the arrow keys.
With arrow keys move down to â€œBoot Optionâ€ and select by pressing â€œEnterâ€
If â€œInternal Network Adapter bootâ€ is enabled, select and press Enter. If â€œInternal Network Adapter bootâ€ option is disabled then exit BIOS.
Once â€œInternal Network Adapter bootâ€ has been disabled press F10 to â€œSave and Exitâ€. Make sure to select Â yes when asked to save changes.
I have encountered the issue with BIOS version F.13 and F.17 which is the latest version as of 10/09/2012.
After some research I have found following under the ProtectKeyWithTPMAndPIN method of the Win32_EncryptableVolume class documentation:
â€œUnified Extensible Firmware Interface (UEFI)â€“based computers do not use PCR 5 by defaultâ€ which is why it conflicts with the â€œPlatform Validation Profileâ€ default value which enables 0, 2, 4, 5, 8, 9, 10, and 11.
As mentioned by Stingy in the comments BitLocker prompt for a Recovery Key when the machine is docked. Microsoft article KB2670514:
On Windows 7 and Windows Server 2008 R2 platforms that support UEFI, you may see a prompt for BitLocker Recovery Key if you use UEFI BIOS with Compatibility Support Module (CSM) enabled.
This occurs when there is a USB device inserted while the machine boots.
The KB article suggests not inserting any devices during boot or Removing PCR 5 for the TPM Platform Validation Profile. The article will walk you through the steps required to disable PCR 5.
Disabling PCR 5 also fixes the issue with the â€œInternal Network Adapter bootâ€ option being enabled, but do remember that you will need to suspend/enable BitLocker on all of your machines when you make the change.