Device encryption is included with Windows Home and Pro editions; unlike the BitLocker feature which only ships with the Pro edition. If you meet the Device encryption is temporarily suspended error on your device, and even after multiple reboots it does not resume, you can try the solutions in this article to fix the problem.
When you experience this problem, you will receive the following complete error message;
Device encryption is temporarily suspended. Encryption will resume automatically the next time you restart this device.
What is device encryption?
In a nutshell, device encryption is the process by which data is scrambled into unreadable code and renders it indecipherable to unintentional recipients of the data, without a password or recovery key. The data is commonly referred to as “plain text” and is encoded using an encryption algorithm to transform it into an unreadable format commonly referred to as “cipher text”.
What happens when encryption is suspended?
A suspended device encryption warning that you may receive on your Windows PC simply means that BitLocker protection has been suspended on your device. In this case, the drive is still encrypted but protection is disabled, for example, no PIN code or TPM password is required when you start the operating system. You can resume or suspend BitLocker Protection for Drives on your Windows computer.
Device encryption is temporarily suspended, error
If you are faced with this Device encryption is temporarily suspended error on your Windows 11 or Windows 10 computer, you can follow the instructions below to resolve the issue.
Proceed as follows:
- hurry Windows key + R to call up the Run dialog box.
- In the Run dialog box, type
tpm.mscand press Enter to open the TPM Management snap-in.
- In the right window, under Actions, click on Clear Trusted Platform Module.
- Exit the Trusted Platform Module Management snap-in.
- Restart the PC.
Once the computer successfully boots to the desktop, continue as follows:
- hurry Windows key + X to open the Advanced User menu.
- Faucet A on the keyboard to launch PowerShell in administrator / elevated mode.
- In the PowerShell console, type the command below and press Enter.
The command will display key protectors as No one is found.
- Now type or copy and paste below command and hit enter to add TPM as key protector to operating system drive. If the C: drive is not the drive letter for your operating system, replace it accordingly.
Add-BitLockerKeyProtector -MountPoint "C:" -TpmProtector
After the command is successfully executed, the problem should be resolved. You can now run the
manage-bde -status command to check the encryption status of the drive.
How do I resume paused BitLocker encryption?
To resume paused BitLocker encryption, follow these instructions; open the command prompt in administrator mode.
In the CMD prompt, type
manage-bde -protectors -disable C: and press Enter.
After the command is executed successfully, you can then start the encryption process by running the command
manage-bde -resume C:.
Can I stop BitLocker encryption?
Essentially, you won’t be able to cancel the BitLocker encryption process because it’s a built-in feature. However, you can pause or resume encryption – open BitLocker Drive Encryption by clicking the Start button> Control Panel> Security> BitLocker Drive Encryption.