Most of us enable BitLocker Drive Encryption to protect the data on our drives. Without the key, nobody can access the drive, which protects the personal information stored on the encrypted hard drive.
BitLocker can be activated by someone with full authorization to the PC. That could be you, or your school or organization if they issued the system.
So anytime we wish to access the drive or a partition of the drive, we will have to undergo authentication.
But sometimes this key isn’t accepted, or we forget what it was, which can be a severe problem as all our data can be lost. The BitLocker error can also occur when you perform a Windows update.
What is the BitLocker Recovery Key?
A BitLocker recovery key is a unique 48-digit numeric password used to decrypt your drive when BitLocker cannot confirm that an access attempt is authorized.
For example, on a modern PC such as a Dell business PC running Windows, BitLocker comes pre-enabled. You can disable the security feature from the Control Panel.
Sometimes BitLocker treats changes to the hardware, firmware, or software of your system as a possible attack, and it then asks for a recovery key.
The recovery key may be stored in your Microsoft official account, cloud account, or as files. Using the recovery key is the only way to ensure data recovery.
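When a key copied from a printout or text file is not accepted, a mistyped digit can be the cause. The following is an added example, not part of the original article: it checks a typed key against the recovery key's built-in structure of eight groups of six digits, each a multiple of 11 and below 720896. The function name and the sample keys are constructed for illustration.

```powershell
# Added example: structural check of a typed BitLocker recovery key.
# The function name is hypothetical; the sample keys below are constructed.
function Test-RecoveryKeyFormat {
    param([Parameter(Mandatory)][string]$Key)

    # Groups may be separated by hyphens or whitespace.
    $groups = @($Key.Trim() -split '[-\s]+')
    if ($groups.Count -ne 8) {
        return [pscustomobject]@{
            Valid     = $false
            BadGroups = @()
            Reason    = "expected 8 groups, found $($groups.Count)"
        }
    }

    # Each group is six digits, a multiple of 11, and below 65536 * 11.
    $bad = @()
    for ($i = 0; $i -lt 8; $i++) {
        $g  = $groups[$i]
        $ok = ($g -match '^[0-9]{6}$') -and
              ([int]$g % 11 -eq 0) -and
              ([int]$g -lt 720896)
        if (-not $ok) { $bad += ($i + 1) }
    }

    $reason = 'structure is consistent'
    if ($bad.Count -gt 0) { $reason = "check group(s): $($bad -join ', ')" }
    [pscustomobject]@{
        Valid     = ($bad.Count -eq 0)
        BadGroups = $bad
        Reason    = $reason
    }
}

# Constructed sample keys (not real): one well-formed, one with a typo in group 7.
$good = '110011-220022-330033-440044-550055-660066-135795-597531'
$typo = '110011-220022-330033-440044-550055-660066-135796-597531'

Test-RecoveryKeyFormat -Key $good
Test-RecoveryKeyFormat -Key $typo
```

A key that passes this check is only free of obvious typing errors; it still has to be the key that belongs to the locked drive.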
Where to Find BitLocker Recovery Key?
Before activating BitLocker encryption, BitLocker ensures that the recovery key is saved securely somewhere. Where you find this key depends on where you chose to save it during activation.
1. Microsoft Official Account
Your BitLocker recovery key might be saved in your or the computer owner’s Microsoft account, depending on the person who initiated the BitLocker services on your system.
The recovery key is automatically saved to the user’s Microsoft account before BitLocker activation for most modern devices.
2. Azure Active Directory
If your system uses work or school credentials with someone else as the admin, the BitLocker recovery key may be stored using the organization’s Azure AD credentials.
3. Saved Printout
The BitLocker recovery key might be saved on a printout or as a file somewhere on your computer. Look for the folder where you usually keep the essential documents and then use it for data recovery.
4. USB Flash Drive
If you saved the BitLocker recovery key on a USB drive, plug the USB drive into your computer and follow the on-screen instructions to recover the key. If the key was saved as a text file on the drive, plug the USB drive into another computer to read the text file.
How to Unlock BitLocker When the BitLocker Password or Recovery Key Is Not Working
BitLocker is one of the best security features of Windows 10. Sometimes this feature can be chaotic to handle.
It is a dreadful experience when you cannot decrypt the BitLocker-protected drive as it would be impossible to ensure data recovery from the locked drive.
Before we get into recovering the BitLocker key, we suggest you try to enter the correct BitLocker password and the correct BitLocker recovery key if you have it.
We have listed four fixes that will help you recover the key and perform data recovery.
Fix 1: Add BitLocker Recovery in Active Directory
Fix 2: Unplug the Power Cable (of Your System) or Remove the Battery (of the Laptop)
Fix 3: Use the Command Prompt
Fix 4: Recover the BitLocker Key from the Online Locations
Fix 1: Add BitLocker Recovery Key in AD
When we install a new domain controller and need AD to store the BitLocker recovery key, the BitLocker Recovery tab is absent by default.
Step 1. Go to the Server Manager, click on Manage and select “Add Roles and Features.”
Step 2. Now, follow the on-screen instructions of the wizard until you reach the Features screen.
Step 3. Locate “Remote Server Administration Tools” and expand “Feature Administration Tools.”
Step 4. Expand the “BitLocker Drive Encryption Administration Utilities” and tick the “BitLocker Recovery Password Viewer” checkbox.
Step 5. Click the Next button and then click on Install.
Fix 2: Unplug the Power Cable (of Your System) or Remove the Battery (of the laptop)
Sometimes unwanted changes in the system’s circuitry can cause BitLocker to assume an attack and lock the drive, which prevents data recovery.
Step 1. Power off or shut down your system forcefully using the power button.
Step 2. Now remove the power cable from the power source or remove the laptop battery.
Step 3. Let the computer and motherboard components cool down for 5 minutes and then reconnect the battery or plug in the power cable.
Step 4. Secure Boot your system and check if the BitLocker issue is resolved. If it is fixed, then open the Control Panel and disable BitLocker to access the problematic drive.
Fix 3: Use the Command Prompt
If you can log in to your system, that means the BitLocker issue is limited to the drives, and thus data recovery is possible. You can use the command prompt to find the BitLocker key.
Step 1. Press the Windows key and type “cmd” in the search box.
Step 2. Right-click the Command Prompt option and select “Run as Administrator.”
Step 3. Type the following command and press Enter. In the command, replace “X” with the problematic drive letter.
manage-bde -protectors -get X:
Step 4. You will get the recovery ID and recovery key. Enter that key to decrypt the locked drive.
Alternatively, you can perform the following steps:
Step 1. In the Windows search box, search for Notepad and open it.
Step 2. Now, type the following lines of code in it:
# List every BitLocker volume and print its recovery key, if one exists
$BitLockerVolumes = Get-BitLockerVolume
$BitLockerVolumes | ForEach-Object {
    $MountPoint = $_.MountPoint
    # Key protectors without a recovery password contribute empty strings
    $RecoveryKey = [string]($_.KeyProtector).RecoveryPassword
    if ($RecoveryKey.Length -gt 5) {
        Write-Output ("The drive $MountPoint has a BitLocker recovery key $RecoveryKey.")
    }
}
Step 3. Now save the file by pressing Ctrl + Shift + S. Or, click on the File menu in the menu bar and select “Save As.”
Step 4. In the Save As window, click the “Save as type:” dropdown and choose All Files (*.*). Enter the file name as RecoveryKey.ps1. Press the Save button.
Step 5. Now open Windows PowerShell by searching “PowerShell” in the Windows search box. Select “Run as administrator.”
Step 6. Use the “cd” command to navigate to the directory where the “RecoveryKey.ps1” file you created in step 3 is stored, and execute the file.
Step 7. Use the key provided to unlock the BitLocker encryption.
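A drive can carry more than one recovery protector, so the ID listed with each key is what ties a key to the drive asking for it. The following is an added example, not part of the original article: it filters the output of Get-BitLockerVolume down to the recovery protector whose ID starts with the ID you were shown. The helper name and the sample data are constructed for illustration.

```powershell
# Added example: match a recovery key ID to a stored protector.
# Find-RecoveryProtector is a hypothetical helper name.
function Find-RecoveryProtector {
    param(
        [Parameter(Mandatory)][object[]]$Volume,    # objects from Get-BitLockerVolume
        [Parameter(Mandatory)][string]$KeyIdPrefix  # leading characters of the key ID
    )
    # Normalize: drop braces and whitespace, compare case-insensitively.
    $prefix = ($KeyIdPrefix -replace '[{}\s]', '').ToUpperInvariant()

    foreach ($v in $Volume) {
        foreach ($p in $v.KeyProtector) {
            # Only numeric recovery passwords are of interest here.
            if ("$($p.KeyProtectorType)" -ne 'RecoveryPassword') { continue }
            $id = ("$($p.KeyProtectorId)" -replace '[{}\s]', '').ToUpperInvariant()
            if ($id.StartsWith($prefix)) {
                [pscustomobject]@{
                    MountPoint       = $v.MountPoint
                    KeyProtectorId   = $p.KeyProtectorId
                    RecoveryPassword = $p.RecoveryPassword
                }
            }
        }
    }
}

# Constructed sample shaped like Get-BitLockerVolume output (IDs and key are not real).
$sample = @(
    [pscustomobject]@{
        MountPoint   = 'D:'
        KeyProtector = @(
            [pscustomobject]@{
                KeyProtectorType = 'Password'
                KeyProtectorId   = '{0F0F0F0F-0000-0000-0000-000000000001}'
                RecoveryPassword = ''
            },
            [pscustomobject]@{
                KeyProtectorType = 'RecoveryPassword'
                KeyProtectorId   = '{A1B2C3D4-0000-0000-0000-000000000002}'
                RecoveryPassword = '110011-220022-330033-440044-550055-660066-135795-597531'
            }
        )
    }
)
Find-RecoveryProtector -Volume $sample -KeyIdPrefix 'a1b2c3d4'
```

On a live system, run it from an elevated PowerShell window with `-Volume (Get-BitLockerVolume)` in place of the sample data.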
Fix 4: Recover the BitLocker Key from the Online Backup Locations
Your BitLocker recovery key might be stored in your own account or in your school or work account.
OneDrive
Step 1. Launch any web browser in your system and go to the OneDrive recovery page.
Step 2. Login using your credentials and check if the recovery key is present.
Microsoft Official Account
Step 1. Launch any web browser in your system and go to the Windows page.
Step 2. Navigate to the Devices menu given in the left pane. The problematic drive must be visible in the BitLocker recovery tab.
Step 3. In the device section for which the security is enabled, click on the “View BitLocker key” and check if the problem is fixed.
Step 4. Alternatively, go to the drive BitLocker recovery page and check if your key exists for the selected problematic device.
Azure or Office 365
Step 1. Go to Azure and log in using the credentials for your school or work account.
Step 2. Locate the Azure Active Directory menu in the left navigation bar and click on it.
Step 3. Go to Devices and then go to the All Devices tab or BitLocker recovery tab to open the encrypted device.
Step 4. Copy the BitLocker recovery key of the device and use it to resolve the BitLocker issue.
Conclusion
BitLocker is an encryption process provided by the Windows operating system to protect user data from unauthorized access.
Many users encrypt their operating system or drive with BitLocker to enable password protection for sensitive data.
However, sometimes they get an error message that the operating system failed to decrypt the encrypted disk. This usually happens when there are some essential changes to the operating system.
In such cases, the decryption key is required. We hope that the fixes provided above can help the user gain access to the disk if they lose the key to decrypt the operating system or the disk.