[Resolved] AMST-3083: In certain scenarios BitLocker key may not escrow immediately into the Console which might cause devices to lock

Version Identified

Windows Unified Agent 9.1+ and versions below






AirWatch has identified a potential issue with BitLocker in AirWatch 9.1 where the recovery password may not be stored in the Workspace ONE UEM (AirWatch) Console under certain conditions. The identified conditions include:

  • The device already sent all samples to AirWatch,
  • a new recovery key is generated on the device when it is offline and
  • the device is booted into BitLocker recovery mode due to a hardware or firmware change on the device.

If all three conditions are met, the device will boot into the recovery mode and the escrowed recovery key will not work. When this issue occurs and the device boots into the BitLocker recovery mode, the device cannot be unlocked using the recovery key and will need additional steps to unlock.




Fix Versions

AirWatch 9.0.5+

AirWatch 9.1.2+


AirWatch Unified Agent

Note: Make sure to enable the Protection Agent Automatic Updates flag.

Have more questions? Submit a request


Article is closed for comments.