Unsolved

1 Rookie

11 Posts

December 21st, 2022 18:00

Disable Dell Security Manager Password Prompt With BitLocker Hardware Encryption eDrive

My Dell Precision 5560 is set up with a Samsung 980 Pro with eDrive IEEE1667 SED hardware BitLocker encryption, a subset of the TCG Opal standard. Everything works great and there is no performance loss as it does hardware encryption.

I am aware of the potential security risks associated with using hardware encryption. Security researchers did not find fault with an earlier Samsung 840/850 Evo when used in TCG Opal mode.

Source: https://www.ru.nl/publish/pages/909282/draft-paper.pdf

The one snag is that the laptop detects that the drive is SED enabled and shows a Dell Security Manager password prompt at every reboot. It does not actually understand the encryption standard being used, and entering a password will not work. It also does not care if BitLocker is temporarily suspended or not. One must hit Cancel, Esc, or let it time out after about 10 minutes, after which the laptop will proceed to load the BitLocker PBA and allow the user to successfully enter the password.

This makes running the laptop in headless mode a headache, as any time it restarts for updates, even with BitLocker suspended, it will take at least 10 minutes to time out at reboot.

How does one disable this "feature" (bug)? If it cannot be disabled, then can the timeout be reduced to 30s?

 

[Images: DSM Password Prompt On Boot; Hitting Esc Makes DSM Go Away; BitLocker PBA Prompt Appears Afterwards]

Moderator

25.9K Posts

December 21st, 2022 18:00

Thank you! We have received the required details. We will work towards a resolution. In the meantime, you may also receive assistance or suggestions from the community members.

1 Rookie

24 Posts

January 10th, 2023 06:00

Definitely a bug. Shouldn't happen. Can we expect a fix for this?

1 Rookie

11 Posts

January 10th, 2023 16:00

@DELL-Cares will you assign a Dell engineer to reproduce the issue and fix your faulty firmware?

1 Rookie

11 Posts

January 11th, 2023 12:00

@DELL-Cares Thank you for the following useful DM:

I understand, I would request you to check the configurations with our sales team and confirm which drive shall work after upgrade.

With that being said, is the original drive still able to boot?

Yes, I am still able to boot. I am using a standards-compliant NVMe drive that supports the IEEE1667 encryption standard. A standard which Dell laptops support but unfortunately hamper with Dell Security Manager. This is not a sales issue.

Here is another thread that talks about the same exact issue:

https://www.dell.com/community/XPS/XPS-9520-Edrive-SED-support/td-p/8269387

1 Rookie

11 Posts

January 13th, 2023 02:00

@DELL-Cares Reply to your DM below:

Hi,

This is a follow-up message. I hope you are doing well.

May I know:

1. When the BitLocker was disabled was a BIOS load default done?

2. Is there a BIOS password set up on the system, if yes please remove it and check.

Waiting to hear from you.

Have a nice day.


1. The BIOS was defaulted and reconfigured before BitLocker was enabled.

2. There are no BIOS passwords of any type configured. The Dell BIOS erroneously recognizes eDrive IEEE1667 SED hardware BitLocker encryption, a subset of the TCG Opal standard, as a "password".

More info about the standard here:

https://learn.microsoft.com/en-us/windows/security/information-protection/encrypted-hard-drive

We have three machines that are set up the same way and have the same annoying prompt at each boot. There are multiple people here and on Reddit reporting this exact issue.

Has anyone been assigned to investigate this firmware bug?

1 Rookie

11 Posts

January 13th, 2023 13:00

@DELL-Cares 

Thank you for messaging us. To ensure the privacy of your information, we recommend that you continue chatting with us through direct message. We apologize for the inconvenience.

Thank you for being concerned about the privacy of my information. However, I am not posting any sensitive information.

1 Rookie

11 Posts

January 15th, 2023 21:00

@DELL-Cares 

Hi,

This is a follow-up message. I hope you are doing well.

As the issue is seen with the upgraded SSD, I request you to please contact the SSD manufacturer.

Since this is third-party hardware.

Have a nice day.

The SSD is third-party hardware. And it works without issue.

However, there still remains a firmware bug in Dell's UEFI firmware that fails to properly recognize IEEE1667. In fact, Lenovo ThinkPad laptops do not have this issue with this exact same drive.

Maybe I'm approaching this from the wrong angle...

How does one disable the Dell Security Manager UEFI prompt? Can the timeout for the Dell Security Manager UEFI prompt be reduced from 10 minutes to 30 seconds? If this is currently not supported, can a feature request for this functionality be opened?

1 Rookie

11 Posts

January 16th, 2023 16:00

@DELL-Cares 

I apologize for the inconvenience this has caused you.

We do not have a method to disable/reduce the timeout period from BIOS or add any options in BIOS. 

Once a new version of BIOS is available, then I request you to check.

 

Our scope of support is limited as the upgraded SSD is third-party hardware.


I'll be waiting for a BIOS update that fixes this issue.

1 Rookie

24 Posts

January 20th, 2023 06:00


@ltctech wrote:

However, there still remains a firmware bug in Dell's UEFI firmware that fails to properly recognize IEEE1667. In fact, Lenovo ThinkPad laptops do not have this issue with this exact same drive.

Can confirm. This only happens on my XPS. It's a bit problematic because there's no reliable way to use self-encrypting drives on my Dell machine. Dell's own SED password feature is not an option because if the machine breaks, there is no way to unlock the SSD without a notebook of the same model.

1 Rookie

30 Posts

April 12th, 2023 06:00

Updated XPS 9710 BIOS to 1.19.0 released on 07 Apr 2023. This issue still remains unfixed.

1 Message

September 1st, 2023 16:41

Same issue on my Precision 3581 with the latest BIOS.  Super frustrating and it's really the final piece here keeping me from using hardware encryption.

For kicks, I took the drive out of my Dell and put it into my new HP.  The HP also prompted me for a password on boot-up that I had to press ESC to bypass.  The difference is that there is a setting in the HP BIOS called "Allow OPAL Hard Drive SID Authentication."  When this checkbox is checked, no password is required, and the drive can still be seen (and decrypted) by Windows To Go without an issue.

It would seem that HP has figured this out while Dell has not.  I don't understand why they cannot do this.  Something is clearly wrong if a password prompt is being shown when there is no password needed.


1 Rookie

24 Posts

September 17th, 2023 11:54

How is it that Dell hasn't been able to fix this issue for more than a year, especially since both XPS and Precision users are affected?

1 Rookie

30 Posts

September 27th, 2023 21:32

XPS 9730 same problem. @DELL-Cares please let us know if the problem is going to be resolved.


1 Rookie

24 Posts

November 7th, 2023 19:52

An Intel NUC user had the same issue 5 years ago, but unlike Dell, Intel released a fix two months later. Here we are, years later...
