There’s no need to update Rescue Media. Even if you use the optional BitLocker auto-unlock capability, that relies on storing Recovery Keys in the Rescue Media, so as long as your Recovery Key hasn’t changed, then you won’t need to do anything there. And if you do NOT use the BitLocker auto-unlock feature, then you wouldn’t have to do anything even if your BitLocker Recovery Key HAD changed. In terms of why the prompt occurred, if you’re not getting prompted to enter it on EVERY boot at this stage, then I don’t think you have anything to worry about. The most likely cause of a one-off prompt for the Recovery Key is that the “platform integrity check” performed by the TPM failed. Basically, in a normal boot scenario, the reason you don’t have to enter any BitLocker information at startup is that the TPM stores and releases the unlock key. But the TPM only does that after a successful platform integrity check, which basically means that the TPM has confirmed that nothing among certain aspects of the hardware or firmware environment of the system has changed from the known trusted state, since certain types of changes could be related to an attempt to steal the unlock key. The exact checks can be customized somewhat via Group Policy, and there appears to be some variance even among systems, but for example, on most systems, a BIOS update or downgrade will cause the platform integrity check to fail. And if that happens, the TPM refuses to release the key, which is why you then have to provide the Recovery Key to unlock the partition. But if you do that, then the TPM “re-seals” against the new state and trusts it going forward, which is why you don’t see it more than once. (If you see the prompt repeatedly, then that would suggest an issue with the TPM, such as no longer having the key due to having been cleared or something.) A platform integrity check typically will NOT fail due to changes in the Windows environment, but perhaps that specific update related to Secure Boot is indeed a factor. And if you’re wondering about how to avoid a Recovery Key prompt after a BIOS update, the easiest way to achieve that is to suspend (not disable) BitLocker just prior to a reboot where a BIOS update will occur. In that setup, no unlock information will be needed from the TPM at all, AND the TPM will automatically seal against the system’s state at that point. If that Windows Update needed to alter the TPM’s trusted state, then the update may have automatically suspended BitLocker for the reboot so that you didn’t have to enter a Recovery Key after it was installed. But of course rolling back to an earlier image wouldn’t have included an automatic suspension. To be totally clear, the first paragraph above is factual, but my thoughts about exactly what caused the prompt in your specific case are speculation.
That sounds odd as Windows 10 Home is only supposed to have "Bitlocker-to-go" for removable drives, not full volume encryption.
Thanks for the detailed reply. It helped a lot. After several restarts the laptop has not asked for the recovery key again. As a test, I made a new image and restored it. No problems. The Macrium log said the C drive was BitLocker unlocked and it was a Live Restore. Hopefully, I won’t get the recovery key prompt again.
It’s the other way around. Win10 Home has “device encryption”, which on systems that meet certain hardware requirements allows for encrypting only the Windows partition, since that’s considered the core of the device. That feature uses BitLocker under the hood and can even be managed via manage-bde, but you don’t get the BitLocker GUI. However, creating BitLocker To Go volumes on removable storage devices, or even on non-Windows partitions located on fixed disks, is not available. Win10 Home can work with such volumes if they had BitLocker enabled elsewhere, but it can’t enable BitLocker on those volumes.
Ah! Thanks for the clarification. I use Win10 Pro on both of my computers, so not very familiar with Home. I misunderstood "device" encryption to mean removable devices.
Repeatedly, on different computers with Macrium Reflect v8.0.* installed, I saw this bug. In the list of backups I click on the backup 93EB6H****, then the Delete button. In the window that appears, I see that I am offered to delete a completely different backup NM06E4****. I repeat the operation again and everything repeats in the same way. In the list of backups I will click on different backups, choose 93EB6H****, and now in the next window I see 93EB6H.... to delete. So this has forced me to be more careful when deleting backups.
I have reproduced this consistently with the Verify function on the release I am running and will report it to Macrium.
Thank. The same confusion happens when looking at the backup descriptions, as well as when selecting a backup to restore. I was very surprised when I did a restore to the date August 12 and the system recovered to the date June 26 This bug was first noticed in v8.0.6560.
The issue with the Verify button is fixed in a test release that I received from Macrium, so hopefully it makes its way into production before too long. I wasn't able to replicate the behavior with the Delete button as you described, but I got it to occur with Verify by taking focus away from the selected backup before clicking the button again. So hopefully whatever Macrium did to fix that will also address your scenario.
Yes thanks for that news. Glad now that i held off and went with another imager first before sorting through their backups
I fear that soon it will be time for me to change from my old computer to a new one (planning to transfer the old system from one to the other via Macrium). Apart from all questions which will arise (surely a lot ) I would like to ask something general. I just read in the Internet the following advice for someone who had similar plans as I have: Indeed a very wise consideration I think. My question is: Can I do something like that with one license of Macrium? I have installed Macrium Reflect 8 Home Edition on my current computer and I have created a rescue media (CD). So will it for example be possible to create an image of the new PC's drive by using the rescue media? Or will Macrium not allow this because the rescue media was created based on the license for the installation on another machine (= the current one)?
One license of Macrium you can do whatever you want. However, if your buying a new computer I would not transfer the old system, I would start fresh and re-install all your old programs. Backup all your files such as pictures and documents to a portable drive and just copy them to new computer. If you transfer the old system your also transferring all the old problems/issues.
Your Rescue media is not hardware bound, technically it will successfully image both your old and new computer and restore from the image, although it seems that using it on a new computer would be a violation of the EULA.
Thanks @digmor crusher and @aldist for your replies. I am aware of this. But I am too lazy for such a procedure. I understand what you mean. But just some theoretical thoughts about this interpretation: Wouldn't it mean that the user of a rescue media created by Macrium's paid version (Macrium Home) is in a worse position than a user of the free version? Because creating a rescue media with Macrium's free version would give me legally this basic possibility: To create an image from any computer (and if necessary to restore it on this computer).
The license expressly allows Rescue Media to be used on another PC for the specific purpose of permanently migrating from the licensed PC to another. Also, even Reflect Free can make the type of image backup you want, so it’s not like you’re using any of the paid license features for that step anyway.
Sometimes it’s important to distinguish between what is technically possible — perhaps due to Macrium’s desire to avoid DRM that might impede legitimate use cases more often than it thwarts illegitimate use cases — and what is actually allowed.
Thanks @jphughan This was my consideration too: I would use the rescue media created with Macrium's paid version for creating an image of another computer (a newly bought one), but doing so I would not use any of the paid license features. I just wanted to be sure that the rescue media (which has the license number of the paid version, my name as owner of the licence etc.) will not deny completely to work in connection with a second computer. So obviously this would not happen.
The crucial difference between the Free version and the paid version is the absence of the ability to create incremental backups and the ReDeploy feature.
Rapid Delta Restore/Clone are also paid-only features. That can be a major timesaver. Encryption is also a paid-exclusive feature.
Of course you wouldn't go over to a family members house / friends house and use the product that you've paid for on their computer(s) and utilise of all the features of such software to help them out........You'll tell them to buy the software as you don't want to violate the EULA Another good tip Peter 123 is, if you ever want to use your purchased Macrium Reflect on custom boot media, create the boot media using Reflect, pull out all needed files from the .wim file, wrap the files around a single .exe file (like an 7zip SFX file) then you can place the exe file on whatever custom PE that you make and simply just run it (all paid features will work).
