You need to log into Windows 7, suspend BitLocker (no need to disable your TPM), then reboot your computer into Windows 7 again (and re-enable BitLocker if it doesn't automatically do it). This will "reset" BitLocker to understand your new dual-boot configuration. Once you've done this, you should not need to enter your recovery key the next time you boot into Windows 7.
BitLocker has never depended on a Microsoft account. It is only a possible location for storing the recovery password, but not the only one (the same password can be stored on Active Directory, or in a plain text file of your choosing) – and a BitLocker drive doesn't necessarily have a recovery password to begin with.
You can run manage-bde c: -protectors -get to see what unlock mechanisms are available. Whenever a recovery password is present, it will be shown directly in the protectors list.
But in your case, the status output immediately says that there are none: the disk's master key is simply stored on the disk itself, giving you no protection at all.
This means BitLocker is only being used with the expectation for you to manually activate it later on – whenever you decide to do so, Windows will not need to spend time encrypting gigabytes of actual data, it will simply encrypt the master key. That's when BitLocker will prompt you to save the recovery password, too.
Dislocker should be able to access the drive using the --clearkey option.
Also for future reference:
Commonly the passwordless unlocking is implemented by using a TPM, which holds the key in a separate chip and only gives it to the OS if the entire boot process exactly matches its requirements. (That is, if you boot e.g. Linux on the same computer, the boot log will result in a different PCR hash and the TPM-sealed key will not be retrievable.)
If your disk actually had e.g. TPM protection enabled but did not have a recovery key, you could add one using manage-bde c: -protectors -add -recoverypassword.
(Alternatively, you can add a recovery key file using the -recoverykey option and use it with Dislocker's --bekfile= option.)
However, again, in your case there is no "main" protector added yet. So if you want to protect the data, you should instead start by adding a -tpm or -password protector, then add a recovery key as the second option.
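The check described in the answer above, written as an added example that is not part of the original answer: it classifies a volume by its key protectors so the "encrypted but no protectors" state stands out. It uses the BitLocker PowerShell module (Get-BitLockerVolume) rather than manage-bde; the function name, the protector groupings and the sample volumes are assumptions made for this example.

```powershell
# Added example (not from the original answer). Classifies a BitLocker volume
# from its key protector types, as reported by Get-BitLockerVolume.
function Get-ProtectorAssessment {
    param(
        [Parameter(Mandatory)] [string] $MountPoint,
        [Parameter(Mandatory)] [string] $VolumeStatus,
        [string[]] $ProtectorTypes = @()
    )
    # Assumption: these groupings are this example's own. An ExternalKey
    # protector (.bek file) is counted as a recovery option here.
    $primary  = 'Tpm', 'TpmPin', 'TpmStartupKey', 'TpmPinStartupKey', 'Password'
    $recovery = 'RecoveryPassword', 'ExternalKey'
    $hasPrimary  = @($ProtectorTypes | Where-Object { $_ -in $primary }).Count -gt 0
    $hasRecovery = @($ProtectorTypes | Where-Object { $_ -in $recovery }).Count -gt 0

    $finding = if ($VolumeStatus -eq 'FullyDecrypted') {
        'Not encrypted'
    } elseif ($ProtectorTypes.Count -eq 0) {
        'Encrypted, no protectors: master key stored in the clear on disk'
    } elseif (-not $hasPrimary) {
        'Only recovery protectors present; add a TPM or password protector'
    } elseif (-not $hasRecovery) {
        'No recovery protector; add a recovery password or key file'
    } else {
        'Primary and recovery protectors present'
    }
    [pscustomobject]@{
        MountPoint = $MountPoint
        Protectors = ($ProtectorTypes -join ', ')
        Finding    = $finding
    }
}

# Constructed sample volumes (not real output), one per case of interest.
$samples = @(
    @{ MountPoint = 'C:'; VolumeStatus = 'FullyEncrypted'; ProtectorTypes = @() }
    @{ MountPoint = 'D:'; VolumeStatus = 'FullyEncrypted'; ProtectorTypes = @('Tpm') }
    @{ MountPoint = 'E:'; VolumeStatus = 'FullyEncrypted'; ProtectorTypes = @('Tpm', 'RecoveryPassword') }
)
foreach ($s in $samples) { Get-ProtectorAssessment @s }

# On a real machine (elevated prompt), assess the actual volumes as well.
if (Get-Command Get-BitLockerVolume -ErrorAction SilentlyContinue) {
    Get-BitLockerVolume | ForEach-Object {
        $types = @($_.KeyProtector | Where-Object { $_ } | ForEach-Object { "$($_.KeyProtectorType)" })
        Get-ProtectorAssessment -MountPoint $_.MountPoint `
            -VolumeStatus "$($_.VolumeStatus)" -ProtectorTypes $types
    }
}
```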
Best Answer
The optimal solution is to disable BitLocker completely, as you said. However, there is a way to keep BitLocker on your computer and keep Ubuntu. I have not tried this on my own computer but it has worked well with others.
The way to do this is to uninstall Ubuntu. Remember to disable BitLocker from Windows. Provided that you have files you want to keep, I would suggest you take a backup. I would do this of the /home folder, because that is where all your user files are (you would need to reinstall all user-installed programs and dependencies); otherwise you can just take a full backup and reinstall GRUB; more info about this is in this question.
The way to uninstall Ubuntu is easy. Boot from your LiveCD or create a USB with Rufus or some other utility and boot from that. After that, open GParted and simply delete the partitions. However, you're not done. Because you deleted the partitions, you also deleted the GRUB configuration files (everything in /boot/grub). As a result, if you boot up your computer now, you will get to a grub-rescue screen. So don't reboot just yet.
Open a terminal and run these commands to add a PPA and install boot-repair:
After that, select "Recommended repair." This will create a new BCD for your Windows system and reinstall bootmgr to the MBR. It will ask you to create a pastebin after and give you a file telling you about what happened. After that, reboot. This should hopefully work. Otherwise, you can clone the drive to another one of the same size and format the whole drive, then move Windows back. Again, the best (and least risky) solution is to disable BitLocker completely.