You will not get the option to reset Pin in bitlocker when using TPM+PIN+StartupKey protectors in vista sp1

Aah i dont write blogs in such a nice format but this was written for an another document and i am putting same copy-paste here to save time.Hope this helps.

=======

SYMPTOMS

When you are using TPM+PIN+StartupKey protector on vista sp1 bitlocker enabled vista client you will not get the option to reset the pin when you go to Bitlocker drive encryption applet in control panel. The only option you receive when you choose "select keys to manage" is duplicate the recovery passowrd.

CAUSE

This is by design. Please use manage-bde.wsf to delete the exiting TPM+PIN+StartupKey protector and then add a new one if you need to reset the PIN. The GUI shows resetting PIN option only when there is a TPM+PIN protector.

RESOLUTION

1 Open the command prompt with administrator privilege.
2 Type:- cd c:\windows\system32
3 Type:- cscript manage-bde.wsf -protectors -delete c: (where c: is the volume being protected)
4 This command will remove all key protectors unless you provide additional parameters.
5 Press enter
6 Type :- cscript manage-bde.wsf -protectors -add (volume to be protected, for eg. c: ) -rp -rk (volume to store recovery key, for eg. f:) -tpsk -tp (pin that you want to be set for eg. 1234) -tsk (volume where you want to store the startup key for eg. g:)
7 Finally the command will appear as:- cscript manage-bde.wsf -protectors -add c: -rp -rk f: -tpsk -tp 1234 -tsk g:
8 You have sucessfully reset the pin.

======

The Information provided here is "AS IS"

 Gaurav Anand