BitLocker failure resuming from hibernation

This article refers to the HP Folio 12-2000 running Windows 7 with BitLocker.

Resuming the Folio 13 from hibernation will result in BitLocker detecting a change in the system boot information and asking for the recovery key.

Windows BitLocker Drive Encryption Information

The system boot information has changed since BitLocker was enabled.

You must supply a BitLocker recovery password to start this system.

Confirm that the boot changes to this system are authorized.

If the changes to the boot system are trusted, then disable and re-enable BitLocker. This will reset BitLocker to use the new boot information.

Otherwise, restore the system boot information.


I have found a workaround by disabling the “Internal network device boot” option within the BIOS. I informed HP about the issue and the workaround and was told that they had previously received a report of this issue and their engineers are working on a fix that will probably require a BIOS update.


If BitLocker is already in use then go to “Control Panel” -> “System and Security” -> “BitLocker Drive Encryption” and “Suspend Protection” (Figure 1). Update the BIOS and follow the same steps except that this time you will select “Resume Protection” instead of Suspend.

Figure 1

Update BIOS

Enter BIOS by pressing F10 during boot and Select “System Configuration” using the arrow keys.


With arrow keys move down to “Boot Option” and select by pressing “Enter”

If “Internal Network Adapter boot” is enabled, select and press Enter. If “Internal Network Adapter boot” option is disabled then exit BIOS.

Once “Internal Network Adapter boot” has been disabled press F10 to “Save and Exit”. Make sure to select  yes when asked to save changes.

I have encountered the issue with BIOS version F.13 and F.17 which is the latest version as of 10/09/2012.


After some research I have found following under the ProtectKeyWithTPMAndPIN method of the Win32_EncryptableVolume class documentation:

“Unified Extensible Firmware Interface (UEFI)–based computers do not use PCR 5 by default” which is why it conflicts with the “Platform Validation Profile” default value which enables 0, 2, 4, 5, 8, 9, 10, and 11.

As mentioned by Stingy in the comments BitLocker prompt for a Recovery Key when the machine is docked. Microsoft article KB2670514:

On Windows 7 and Windows Server 2008 R2 platforms that support UEFI, you may see a prompt for BitLocker Recovery Key if you use UEFI BIOS with Compatibility Support Module (CSM) enabled.


This occurs when there is a USB device inserted while the machine boots.

The KB article suggests not inserting any devices during boot or Removing PCR 5 for the TPM Platform Validation Profile. The article will walk you through the steps required to disable PCR 5.

Disabling PCR 5 also fixes the issue with the “Internal Network Adapter boot” option being enabled, but do remember that you will need to suspend/enable BitLocker on all of your machines when you make the change.


2 thoughts on “BitLocker failure resuming from hibernation”

  1. The above workaround did not work for us. BIOS versions F.13 and F.17 have the same problem with BL requiring key with USB docks. I heard that Lenovo has resolved this issue with BIOS upgrade. HP, any solution. BTW, the Folio-13 line is now EOL per HP’s page so I guess, instead of solving the issue, HP just decided to kill the product.

    1. The dock probably messes with the boot sequence which is causing BitLocker to do its job.

      We are replacing the Folio 13’s with the “HP EliteBook Folio 9470m Ultrabook” and I have not encountered the issue. The 9470m is so much better than the Folio 13 especially the trackpad and screen. It also includes a removable battery.

      I believe that the Folio 13 should have never made it to production. Looks like HP rushed to have an Ultrabook in the market.

      Check out the update to the article and Microsoft KB2670514 for a possible fix to you dock issues.

Leave a Reply