Hi Kathryn:
Are your machines modern standby capable? Many newer machines are. If so then there is a way to enable bitlocker such that the user is never prompted for a key. The pin is stored in the machine’s TPM and the recovery key is backed up to either your active directory environment or AAD depending on your implementation You can read more about making this work herehttps://docs.microsoft.com/en-us/windows/security/information-protection/bit.... I would also suggest consulting with Microsoft’s Enterprise Disability Answer Deskmailto:edad@microsoft.com, they can help with this a bit more. I will say this is the way my work machine is set up, and I never have had to worry about entering a preboot pin, the machine just boots up like Bitlocker was never enabled, even though it really is enabled and my drives are fully encrypted.
Thanks.
Ryan
-----Original Message-----
From: Kathryn Jedynak