Clearing TPM after restoring SSD from a USB restore key questions

TWB · 05 Apr 2023

Version 22H2 OS build 19045.2788 Windows 10 Pro
Created USB restore key for my SSD and completed the restore process. It came a warning message "Warning: Clearing erases information stored on the TPM. You will lose all created keys and access to the data encrypted by these keys." Press F12 to clear the TPM or press ESC to reject this change request and continue." I ran this recovery process on a backup clone drive of my PC drive to see how it works and understand the process but am left with the question if I chose to clear the TPM would it have blocked access to my original drive if I put the original back in the system and booted to it? I have to enter a pin upon windows startup as my system sits now. If I cleared the TPM and the original drive is expecting me to enter a pin that the TPM is no longer aware of because I cleared it when the cloned drive was in the system would it block access to the original drive? I chose not to clear it and the original drive functions fine. I just don't want to play around and kill access to it by doing a system restore and clearing of TPM while a cloned version of the drive is in the system..

hsehestedt · 07 Apr 2023

Welcome to TenForums!

I'm not 100% clear on what it is that you are doing. In particular, I'm not familiar with a "USB restore key".

Here is what I am understanding your question to be:

You have the indows drive encrypted with BitLocker. In addition to the standard encryption of the drive, you have an additional requirement that a PIN be entered at startup.

If you clear the contents of the TPM, you would then need to supply the recovery key in order to gain access to the drive. Once you have booted back into Windows, after having provided the recovery key, you could then proceed to set a new PIN.

Put another way, the PIN simply prevents the TPM from automatically unsealing the key to allow access to the OS drive. Without the PIN, you need to provide the recovery key.

TWB · 07 Apr 2023

"Recovery Media" may be the more appropriate term... The USB media you can either order from the manufacturer of your machine or create via the "Restore" option in windows 10..

I cloned my drive and ran completed the process to ":restore" my PC to factory state. (On the cloned drive) I did not clear the TPM as the recovery process gives you the option to clear the TPM or leave as is.

My original drive requires a pin number or windows password to log into windows. I am trying to find out if I had chose to clear the TPM when the cloned drive was in the system and then put my original back in the PC if it would boot up and ask for my pin number or password upon initial log in or if it would even allow the log in process to proceed since the TPM would no longer have the pin number info for log in and the original drive and windows installation required a pin to log into the PC.

Short version restored PC via a cloned drive and cleared TPM, will the original drive that I cloned still boot up normally and ask for the pin number I have set up for windows log in and start windows normally. Or not work because the TPM containing the pin number has been cleared.