Issue 1When you manually add a recovery password at a command prompt, you receive the following error message:
Issue 2When you try to encrypt a drive on which BitLocker recovery passwords are required, you cannot encrypt the drive as expected. Additionally, you receive the following error message:
Issue 3When you encrypt a drive, a recovery key is created, but no recovery password is created as a key protector.
Issue 4A recovery password is not archived in the Active Directory directory service.
To disable the System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Group Policy setting, follow these steps:
- Click Start, type gpedit.msc in the Start Search box, and then click OK.
Note If you are prompted for an administrator password or for confirmation, type the password, or provide confirmation.
- Expand Computer Configuration, expand Windows Settings, expand Security Settings, expand Local Policies, and then click Security Options.
- In the details pane, double-click System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing, click Disable, and then, click OK.
Note This Group Policy setting may be configured by an administrator to be automatically applied from a domain controller. In this situation, you cannot disable this setting locally.
Article ID: 947249 - Last Review: Aug 7, 2012 - Revision: 1