Home > Bitlocker Tips

Solved! BitLocker Startup Options are Configured Incorrectly

Published/Updated on Tuesday, November 26, 2024

M3 Software author Wilsey Young

Written by

Wilsey Young

English

Summary: This post lists several ways to fix the error of BitLocker the startup options on this PC are configured incorrectly. iBoysoft DiskGeeker for Windows is highly recommended for encrypting disks or partitions with BitLocker.

BitLocker the startup options on this PC are configured incorrectly

Enabling the BitLocker encryption feature on Windows to encrypt the entire disk or partition is a reliable way to protect precious data against unauthorized access, particularly when the computer is lost or stolen.

However, some Windows users encounter the “BitLocker the startup options on this PC are configured incorrectly” error when turning on BitLocker on Windows 10/11. Here, we discuss this BitLocker-related error and provide corresponding solutions.

Reddit discussions on “BitLocker the startup options on this PC are configured incorrectly”

The startup options on this PC are configured incorrectly BitLocker error is also being discussed in the post on Reddit. The poster received the error message when trying to enable BitLocker on C:\, and he itemized everything he had tried to resolve the issue but still failed.

You can check the post below to view the resultant problems they mentioned and the solutions they offered.

Unable to enable Bitlocker - Startup options are configured incorrectly.
by u/itguy619 in sysadmin

What causes “BitLocker the startup options on this PC are configured incorrectly”?

The startup options on this PC are configured incorrectly BitLocker error may arise due to the following reasons:

  • Incorrect BitLocker group policy settings. 
  • TPM and Secure Boot are not enabled in the BIOS/UEFI menu. 
  • TPM 2.0 is not supported in Legacy (BIOS) mode.

You can easily share this post by clicking the buttons below!

 

Fix for “BitLocker the startup options on this PC are configured incorrectly” error

Based on the possible reasons listed above, here are several solutions to this BitLocker error.

Re-configure BitLocker group policy settings

If the required group policy settings for BitLocker are not properly configured, this error message may pop up so you are unable to turn it on.

  1. Press "Win+R" keys to open the "Run" dialog box, type "gpedit.msc", and hit the "Enter" key to open Local Group Policy Editor.
    open Local Group Policy Editor
  2. Navigate to: Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives. 
  3. In the right pane, locate and double click "Enable use of BitLocker authentication requiring preboot keyboard input on slates."
    enable use of BitLocker authentication requiring preboot keyboard input on slates 
  4. Choose "Enabled" and click "Apply" and "OK."
    enable use of BitLocker authentication requiring preboot keyboard input on slates
  5. Restart your PC and try enabling BitLocker again.

Enable TPM in the BIOS/UEFI menu

The “BitLocker the startup options on this PC are configured incorrectly” error may occur if the TPM (Trusted Platform Module) is not enabled in the BIOS/UEFI menu.

First of all, you need to check the TPM status on your PC, and here's how:

  1. Press “Win+R” to open “Run” dialog box, input “tpm.msc”, and click "OK" to run.
    tpm msc in Run dialog box
  2. You will see the TPM status, version, and related information. The prompt "compatible Trusted Platform Module (TPM) cannot be found..." means the TPM is disabled in the UEFI/BIOS menu.
    TPM cannot be found

Now you can follow the steps below to enable TPM and Secure Boot in UEFI/BIOS:

  1. Open “Settings”, click “Update & Security”, and choose “Recovery” from the left.
  2. Click the “Restart now” button under the “Advanced startup” section. 
    restart now under advanced startup in Settings
  3. Click on Troubleshoot > Advanced options > UEFI Firmware settings.
    UEFI settings in advanced startup
  4. Click the “Restart” button to enter the UEFI/BIOS page. 
  5. Enter the advanced, security, or boot settings page, depending on the motherboard. 
  6. Choose the TPM 2.0 option and choose the Enabled option. Note: The option to enable the TPM could be named Security Device, Security Device Support, TPM State, AMD CPU fTPM, AMD fTPM switch, Intel Platform Trust Technology, or Intel PTT.
    enable TPM in UEFI or BIOS menu
  7. Look for the Secure Boot option under the Boot tab. 
  8. Click the Secure Boot option and enable it.
    enable Secure Boot in UEFI or BIOS menu
  9. Save the changes, exit, and reboot your system.

If you fail to enable Secure Boot and the “BitLocker the startup options on this PC are configured incorrectly” error persists, you will need to use the following method.

If the methods above worked, you can share this article with your friends!

 

Easily encrypt the partition with BitLocker via iBoysoft DiskGeeker for Windows

BitLocker is undoubtedly one of the most powerful tools for securing important data. By encrypting your disks or partitions, BitLocker protects your data against unauthorized users.

But sometimes, for whatever reason, you may encounter various error messages when enabling BitLocker, such as BitLocker the startup options are configured incorrectly. Apparently, these errors place a barrier in front of you and you are unable to encrypt with BitLocker.

In this case, you can download iBoysoft DiskGeeker for Windows and use BitLocker! Unlike the built-in BitLocker feature on Windows, iBoysoft DiskGeeker for Windows is a professional disk management tool that can help you easily encrypt a disk or partition with BitLocker, without receiving any error messages!

More importantly, it is a tool that can make the BitLocker encryption feature available on Windows 11/10/8.1/8/7 Home Editions and Windows 7 Professional Edition.

You can follow the tutorial below to encrypt a partition with BitLocker:

  1. Click the "Click to encrypt" button next to the disk or partition in the BitLocker module. Note: Only an NTFS, exFAT, or FAT32 partition can be encrypted.
    iBoysoft DiskGeeker for Windows
  2. Enter a password, re-enter it, and click "Next" to continue.
    iBoysoft DiskGeeker for Windows
  3. Back up the BitLocker recovery key generated by this tool and click “Next.” A recovery key can be used as a last resort to unlock the encrypted disk or partition, in case you forget the password.
    iBoysoft DiskGeeker for Windows
  4. Click "Start encrypting" to get it started.

Switch from Legacy BIOS to UEFI mode

The legacy mode of the BIOS does not support TPM 2.0. If your PC uses TPM 2.0, you'll need to be in UEFI mode. Devices with TPM 2.0 must have their BIOS mode set as UEFI. The Legacy boot may need to be disabled and changed over to UEFI to allow the Secure Boot of the OS.

Changing from Legacy BIOS mode to UEFI could be time-consuming and complex since it involves converting the MBR partition style to the GPT partition style. You can check the webpage below to learn how to use the MBR2GPT tool to accomplish conversion: MBR2GPT.EXE

After the MBR to GPT conversion is done, you can now change from Legacy BIOS to UEFI:

  1. Reboot your PC and press the manufacturer's key to open the Legacy BIOS menu. Note: The key to enter the BIOS varies depending on the motherboard brand or model. 
  2. Locate the boot mode settings, usually under the "Boot" tab, and change it from Legacy BIOS mode to UEFI mode.
    change Legacy BIOS to UEFI
  3. Save the changes and exit. 
  4. Ensure the TPM and Secure Boot are enabled. 
  5. Now you can try enabling BitLocker again.

Did you find this post useful? Why not share with your friends