BitLocker Control Panel is the tool using which Windows users can manage the Bitlocker protection on their drives. Recently some Windows 11 users have complained about their tunability to access the BitLocker Control Panel tool on their devices. According to them, the error code 0x80004005 is appearing as they are trying to access the tool. Don’t worry. There are workarounds and ways around the issue. So, without wasting a bit of time, proceed to the main solutions.
Fix 1 – Check the Device Encryption Support
Before you do anything, check whether your system hardware supports the BitLocker Encryption at all. Follow these steps –
1. At first, press the Windows key+R keys together.
2. Then, write this in the box and hit Enter.
msinfo32
3. In the System Information page, highlight “Hardware Resources” on the left-hand pane.
4. Now, scroll all the way through the right-hand pane, and look for “Device Encryption Support“.
Carefully notice what it is saying.
If it reads like “Meets Prerequisites“, then the BitLocker Encryption is fully supported on your system and jumps on to the main fixes to solve the problem.
But, if the condition states something like this –
Reason for failed automatic device Encryption: PCR7 binding is not supported, Hardware Security Test failed and the device is not Modern Standby.
In that case, the BitLocker Encryption is not supported by your system hardware.
Fix 2 – Edit the Registry Setting
You can manually edit the registry related to the BitLocker Encryption protocol using the Registry Editor.
1. Just click once on the Windows icon and type “regedit“.
2. Then, click “Registry Editor” which
NOTE – Registry Editor is one of the key parts of your computer. A single wrong value change can cause a fatal error and your computer may never boot up again! So, build a registry backup before you proceed further.
a. At first, click on “File” from the menu bar.
b. On the context menu, tap “Export” to create a new registry backup.
3. Once you have created the backup, proceed to this point –
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft
4. Here, you have to create a new subkey named FVE. So, right-tap the “Microsoft” key and tap “New>” and again on “Key” to create a new subkey.
5. Name this key “FVE“.
6. Now, make sure that you have selected the “FVE” key from the left-hand pane.
7. Then, right-hand side, right-tap on the space and tap “New>” and tap “DWORD (32-bit) Value“.
8. Rename this value as “EnableBDEWithNoTPM“.
9. Next, just double-tap this value to modify it.
9. Now, reset the value to “1“.
10. Click “OK” to save the changes.
After this, you have to create another value.
11. So, right-tap on the same side and click “New>” and tap “DWORD (32-bit) Value” to create a new value.
12. Rename the value to “UseAdvancedStartup“.
13. Then, double-tap it to edit it.
14. Next, fix the value to “1“.
15. After that, click “OK” to save this change.
16. Now, following the same steps, create and set the Value Data following this table –
UseTPM: 2 UseTPMKey: 2 UseTPMKeyPIN: 2 UseTPMPIN: 2
It will something like this –
Once you have created all the specified values, close the Registry Editor page.
Then, restart your computer. Restarting your computer saves these changes.
Fix 3 – Modify the Group Policy
If modifying the registry doesn’t fix the Bitlocker Encryption issue, you can use the group policy settings to manage the same.
NOTE – Group Policy is not available on Windows 11 Home edition. So, you can enact these only on Windows 11 Pro or Business edition devices.
1. Using the search box, perform a search for “group policy“.
2. Now, tap “Edit Group Policy” to open that.
3. In the Local Group Policy Editor page, head on to this point following this way –
Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives
4. On the right-hand pane, look if you can find the “Require additional authentication at startup” policy.
5. Then, double-tap it so that you can edit it.
6. Make sure to switch the policy to the “Enabled” state.
7. Then, check this option on the Options pane –
Allow BitLocker without a compatible TPM (requires a password or a startup key on a USB flash drive)
8. Then, tap “Apply” and “OK” to save this modification.
Exit the Local Group Policy page. This policy change won’t take effect until you restart the system.
After restarting the computer, try to open the BitLocker Control Panel once more and test.
Fix 4 – Start the BDESVC
The BitLocker Drive Encryption service should be running while you are using any BitLocker features.
1. Perform a search for the “services“.
2. Then, tap on the “Services” in the search results.
3. Next, in the Services screen, find the BitLocker Drive Encryption Service.
4. Then, double-tap it to edit it.
5. Next, tap “Start” to start the service.
6. Then, tap “Apply” and “OK“.
Close the Services page. Then, check if this works.