How do I fix "The TPM is defending against dictionary attacks and is in a time-out period."?

If you try to manage BitLocker drive encryption on a computer that has had a user type in his/her PIN too many times, you may get this error:

BitLocker Drive Encryption Error
Cannot run.

The TPM is defending against dictionary attacks and is in a time-out period.

01-BitLocker_TPM_Error

To resolve this issue, run the Trusted Platform Management Module (TPM) Management console by running tpm.msc from the Run or Search box. In the TPM Management console, click on Reset TPM Lockout.

02-BitLocker_TPM_Error

Click on I want to enter the owner password. (You do have the TPM owner password, don’t you? If you’re not backing it up to Active Directory, here’s how you can do it!)
03-BitLocker_TPM_Error
Type in the TPM owner password and click Reset TPM Lockout.

04-BitLocker_TPM_Error

You’re done!

05-BitLocker_TPM_Error

13 thoughts on “How do I fix "The TPM is defending against dictionary attacks and is in a time-out period."?

  1. Syed Kumir March 13, 2013 / 1:57 AM

    thank you

  2. Muniyrah West March 1, 2016 / 3:58 PM

    Do you know if this fix will work on a surface pro 3? TPM is defending against a dictionary attack on this device.

    Thank you,
    Muniyrah

    • Kyle Beckman March 2, 2016 / 10:51 AM

      There’s no reason I’m aware of that this wouldn’t work.

      • Dave November 3, 2016 / 9:43 PM

        Doesn’t work for me on a Surface Pro 3 for Windows 10. Seems that when its under “Dictionary Attack” I am not able to unlock it using the OnwerAuth or anything else. Trying to get more information personally.

  3. Alexandre April 2, 2016 / 3:33 PM

    Hi!

    Thank you for sharing this information, but in my case TPM Management console is interely gray (i can’t click on Reset TPM Lockout).

    Have you any advice for my case?

    Thank you

  4. Nomfundo May 27, 2016 / 8:37 AM

    Thank You, It worked

  5. Joe October 11, 2016 / 1:40 PM

    How do you fix this in a OSD deployment, I got a script but requires to press F12 after a reboot which I want it to be automated

  6. Keith Nowosielski October 25, 2016 / 7:53 PM

    I have this setup per your spec’s but I don’t have msTPMownerinfo populated?

  7. Rahul January 20, 2017 / 5:58 AM

    Hi Kyle, My Reset TPM Lockout option is greyed out. Do you know why this may be?

  8. Andre January 26, 2017 / 10:04 AM

    Good morning. I was trying to set up bitlocker ob my Dell XPS 15 running Win10 Enterprise. After running the Bitlocker wizard on C: I got this error: “The TPM is defending against dictionary attacks and is in a time-out period”. So I opened the TPM MMC and I saw that all the options in the action menu are blanked out except for “Prepare the TPM”. Unfortunately when I click on it I get another error: “The TPM on this computer is currently locked out”. What can I do to resolve it?

  9. Jad March 29, 2017 / 5:07 AM

    I have the same problem as Alexandre was facing :

    “TPM Management console is interely gray (i can’t click on Reset TPM Lockout).”

    Have you any advice for my case?

    Thank you

  10. Jad April 3, 2017 / 8:15 AM

    Hello,

    Any advice if I am having a problem like Alexandre “TPM Management console is interely gray (i can’t click on Reset TPM Lockout)” ?

  11. Troy May 3, 2018 / 5:18 PM

    Similar issue here. All I can do is prepare or clear the TPM. The only other command is refresh. I’m afraid to click on any of the choices, frankly. This all started because my Bitlocker started asking for the key EVERY SINGLE TIME I booted the computer. The online solution was to suspend and then resume Bitlocker. This is the error I got when I tried to resume.

    The good news is, I no longer had to put the $%!#!%$^@! Bitlocker key in every time I boot the computer.

Leave a Reply to Kyle Beckman Cancel reply