Windows Message During Reset Of PC

tallguy3891 · Post by **tallguy3891** » Thu May 25, 2023 12:41 pm

Decided to do a Recovery Reset with install from the cloud and clean the drive. I have done this before with the pc in question, but this time it got to a point and gave a black screen with the fairly common message:

"A configuration change was requested to clear this computer's TPM (Trusted Platform Module)
WARNING: Clearing erases information stored on the TPM. You will lose all created keys and access to data encrypted by these keys.
Press F12 to clear the TPM.
Press ESC to reject this change request and continue."

My questions are:

1) who/what requested this change or is it a normal process? Is it possibly due to a real problem?
2 which is the better choice--F12 or ESC, or does it matter? My search online gave varying answers one way or the other. I chose ESC and it continued with the reset and works fine. Should I reset again and choose F12?

gavinsiu · Post by **gavinsiu** » Thu May 25, 2023 3:43 pm

tallguy3891 wrote: ↑Thu May 25, 2023 12:41 pm Decided to do a Recovery Reset with install from the cloud and clean the drive. I have done this before with the pc in question, but this time it got to a point and gave a black screen with the fairly common message:

"A configuration change was requested to clear this computer's TPM (Trusted Platform Module)
WARNING: Clearing erases information stored on the TPM. You will lose all created keys and access to data encrypted by these keys.
Press F12 to clear the TPM.
Press ESC to reject this change request and continue."

My questions are:

1) who/what requested this change or is it a normal process? Is it possibly due to a real problem?
2 which is the better choice--F12 or ESC, or does it matter? My search online gave varying answers one way or the other. I chose ESC and it continued with the reset and works fine. Should I reset again and choose F12?

I would not clear the TPM unless you want to completely reset the computer. TPM is where you would store things like the encrpytion key to your drive, clearing it might mean you cannot decrypt your drive and have to reformat it.

samsoes · Post by **samsoes** » Thu May 25, 2023 3:59 pm

Do you use Bitlocker.drive encryption?

tallguy3891 · Post by **tallguy3891** » Thu May 25, 2023 5:01 pm

samsoes wrote: ↑Thu May 25, 2023 3:59 pm Do you use Bitlocker.drive encryption?

No, but do use Device Encryption.

samsoes · Post by **samsoes** » Fri May 26, 2023 4:57 am

tallguy3891 wrote: ↑Thu May 25, 2023 5:01 pm
samsoes wrote: ↑Thu May 25, 2023 3:59 pm Do you use Bitlocker.drive encryption?
No, but do use Device Encryption.

Decrypt everything first, and then do your reset. Feel free to wipe the TPM at that point since it's not storing any valid keys for you. Re-encrypt later.

gavinsiu · Post by **gavinsiu** » Fri May 26, 2023 2:39 pm

tallguy3891 wrote: ↑Thu May 25, 2023 5:01 pm No, but do use Device Encryption.

I have not use device encryption but it's basically a consumer version of Bitlocker that is automatic and uses TPM. As samsoes pointed out, it's best to decrypt it first. The following item might be installed in TPM that I can think of.

* Disk Encryption Key.
* Windows Hello fingerprint
* Passkeys saved in Windows Hello.
* Password manger key.

Of the items above I can think of, the disk encryption key and probably the most important. Erasing the disk encryption key means you lose all data on disk. I have actually done this in the past and lost the recovery method but end up restoring from backup.

The passkey would be a concern if you don't have a backup passkey.

The windows Hello and password manager key is probaby less of an issue since you can usually still login using the user name and password.

tallguy3891 · Post by **tallguy3891** » Fri May 26, 2023 3:57 pm

gavinsiu wrote: ↑Fri May 26, 2023 2:39 pm
tallguy3891 wrote: ↑Thu May 25, 2023 5:01 pm No, but do use Device Encryption.
I have not use device encryption but it's basically a consumer version of Bitlocker that is automatic and uses TPM. As samsoes pointed out, it's best to decrypt it first. The following item might be installed in TPM that I can think of.

* Disk Encryption Key.
* Windows Hello fingerprint
* Passkeys saved in Windows Hello.
* Password manger key.

Of the items above I can think of, the disk encryption key and probably the most important. Erasing the disk encryption key means you lose all data on disk. I have actually done this in the past and lost the recovery method but end up restoring from backup.

The passkey would be a concern if you don't have a backup passkey.

The windows Hello and password manager key is probaby less of an issue since you can usually still login using the user name and password.

Is it okay that I did not decrypt, did not erase TPM via F12, and used ESC option instead in the reset reinstall?

gavinsiu · Post by **gavinsiu** » Fri May 26, 2023 11:24 pm

tallguy3891 wrote: ↑Fri May 26, 2023 3:57 pm Is it okay that I did not decrypt, did not erase TPM via F12, and used ESC option instead in the reset reinstall?

Yes, but I would play it safe and decrypt first just to be on the safe side or if you had backed up the drive already and tested the restore first.

Bogleheads.org

Windows Message During Reset Of PC

Windows Message During Reset Of PC

Re: Windows Message During Reset Of PC

Re: Windows Message During Reset Of PC

Re: Windows Message During Reset Of PC

Re: Windows Message During Reset Of PC

Re: Windows Message During Reset Of PC

Re: Windows Message During Reset Of PC

Re: Windows Message During Reset Of PC