Windows isn’t considered as flexible as Linux when it comes to low-level system tweaks and fixes, but you might be surprised to learn that the recovery tools built into Windows are actually quite powerful. Recently, a friend of mine was playing Detroit: become human when his PC suddenly froze. After rebooting, a “boot device is not accessible” error occurred, and subsequent reboots resulted in a screen requiring a BitLocker key. If I type this, I end up looping back to the boot device screen, which I can’t access.

That system, powered by an Intel Core i5-14600K and an Intel Arc A770, appeared to be completely dead. Startup Repair couldn’t fix it and Bitlocker refused to unlock the drive using the provided key, so I feared the worst. Thankfully she has backups of all important data, but that seemed strange. How can this happen? and Was it possible to collect it??

Bitlocker made a bad situation even worse.

But actually that wasn’t the problem

I looked at the computer myself and the first thing I saw was the BitLocker recovery screen. I retrieved the recovery key from her Microsoft account, entered it carefully, and gave it a moment. The system rebooted and showed up at the inaccessible boot device screen, then rebooted again and went back to the screen asking for a key again. It accepted input, didn’t do anything useful, and looped. At this point I thought the drive was dead, but it still didn’t make sense. It’s a Corsair MP700, but I haven’t used it much since I bought it.

Instead, I chose to take a different approach and first assessed whether the drive was alive. started clonezilla from bent toy usb Stick it in and run ntfsfix to check the partitions. The NTFS volume mounted successfully and the filesystem itself appeared to be intact. At this point it was obvious to me that the boot configuration itself somewhere in the chain was corrupted.

However, it was unclear what exactly caused the damage. At first I thought it was EFI’s fault, but I didn’t know it was caused by an accident. Also Boot configuration data, also known as BCD, has become corrupted. On modern Windows systems, the boot sequence looks like this:

1. UEFI firmware

2. EFI boot manager

3. \EFI\Microsoft\Boot\bootmgfw.efi

4. BCD store

5. winload.efi

6. Kernel initialization

7. boot start driver

8. system hive

9. userland

If the EFI boot file and BCD become corrupted, the measured boot environment will no longer match the environment in which the TPM sealed the BitLocker key. This meant that it refused to automatically release the encryption key, and manually entering the correct recovery key would disable this, but it didn’t help as I didn’t actually have any valid keys to boot. into the.

This meant that once the partition was decrypted, Windows could proceed with winload, but the corrupted BCD entry was pointing to the wrong device path. When the kernel tried to mount the system volume it failed and threw INACCESSIBLE_BOOT_DEVICE. It turns out that repairing the EFI part only solves half the problem.

Most people have never opened it.

The Windows Recovery Environment provides several graphical repair options, including Startup Repair, System Restore, and Reset this PC, which most people use. No one could fix this. But there’s a command prompt embedded under advanced options, and that’s where the real resilience lies. Considering I mounted it from Clonezilla, I knew the data on the drive was fine, so it was worth figuring out how to properly rebuild the boot sequence.

First, I needed to unlock the BitLocker-encrypted drive. One thing to know about WinRE is that the drive letters don’t necessarily match what you see in regular Windows. The C: drive may appear as D: or E: in the recovery environment, so before doing anything I used “diskpart” to list the volumes and identify the correct drive. From there, I ran “manage-bde -unlock C: -RecoveryPassword”, then entered the 48-digit key, and then ran “`manage-bde -protectors -disable C:” to temporarily disable BitLocker protection. That way I could work on the boot files without getting locked out again during the repair.

The next step was to gain access to the EFI system partition. This is a small hidden FAT32 partition, typically around 100 MB, that holds the Windows Boot Manager and BCD store. By default there is no drive letter, and WinRE does not automatically assign one. I went back to “diskpart”, selected the disk, listed the volumes, found the EFI partition, and manually assigned the letter S. I ran this after manage-bde threw a “parameter is incorrect” error, but forcing a drive letter assignment resolved the issue.

I made the EFI partition accessible on S: and ran “bcdboot C:\Windows /s S: /f UEFI”. This one command does all the heavy lifting for you. Copy the required boot files from your Windows installation to the EFI partition, generate a new BCD store from the built-in template, and configure the boot manager to point to the correct Windows partition. With just one command, the entire boot chain is rebuilt from scratch. I ran “bcdedit /enum” and verified that the new entry was properly displayed, rebooted, and Windows loaded successfully. Everything was intact.

Once back in Windows, I re-enabled BitLocker using “manage-bde -protectors -enable C:” from an elevated command prompt.

And Microsoft keeps adding them

It wasn’t the fix itself that surprised me. That said, these tools, namely “bcdboot”, “bcdedit”, “manage-bde”, and “diskpart”, ship with Windows. For years… However, most people don’t know about its existence. Your default instinct when Windows won’t start is to get an installer USB and start over, but I get it. The recovery environment doesn’t go out of its way to advertise what you can do at the command line. But these tools can save you the trouble of wiping a perfectly healthy drive, and they do much more than most people realize.

Microsoft is also quietly working on improving the recovery environment. Windows 11 now pulls network drivers into WinRE from the main OS installation. This means that the recovery environment can actually connect to the Internet without having to manually insert drivers first. that makes it possible Fast machine recoveryis a feature directly inspired by the 2024 CrowdStrike incident that allows you to automatically download targeted fixes if your device continues to fail to boot. There’s also a point-in-time restore feature in preview, allowing you to rollback to an exact previous system state rather than the nearest restore point.

Of course, there is irony in all this. Microsoft’s own updates caused repeated BitLocker recovery prompts like the one I encountered. With the October 2025 security update, Intel-based PCs also fell into the same order (but One-time unlock(as opposed to Reptile), an accompanying bug broke USB keyboard input in WinRE, leaving affected users unable to even type. type A recovery key to get out of there. Microsoft patched it within a week, but if you didn’t know these commands and got stuck in that loop, you’d be totally out of luck. Startup Repair doesn’t always save the day. If that’s not possible, Command Prompt is the next best option.

That PC is now working perfectly. There was no need to reinstall and no data was lost. This meant I didn’t have to set everything up again from scratch, and it only took one night. These tools have always existed in Windows, so I’m glad I got to try them out first.