BitLocker recovery is the process of restoring access to the locked BitLocker drive in times when you cannot unlock the drive normally. Or in case you forgot the BitLocker password, you can utilize the BitLocker recovery keys and unlock the BitLocker-protected volume.
Scroll down to find how to get the BitLocker Recovery Key. In this guide, you’ll learn several ways to find the BitLocker Recovery Key. Also, the guide includes some FAQs discussing how to use BitLocker on Windows 10 and more!
Part 1. What Is BitLocker Recovery Key
A BitLocker recovery key, well, is a decryption key that is generated when you choose to protect the volume using BitLocker. By default, the BitLocker encrypts the volume using the AES encryption algorithm in cipher block, meaning it is pretty much impossible for anyone (or any third-party tools) to decipher the code. So it all comes down to the versatile Command Prompt (plus PowerShell) and backups that you may have created at the time of generating the key.
The reason it is unlikely: AES encryption (or most encryption for that matter) makes the strait-laced data into a scramble one using a 48-digit numerical password (in the case of BitLocker), and without the authorization — the private key — you cannot decode or access the data.
And that is why Microsoft provides many ways to back up the recovery key while creating it, i.e., save to Microsoft Account, save as Print layout, save on a USB drive, or save as a .TXT file on your computer.
Part 2. How to Get BitLocker Recovery Key
Now that you have understood what is BitLocker Recovery Key is, let us see how to find the forgotten BitLocker key using the Command Prompt and backups you may have created. As stated, Microsoft gives you four options to back up the recovery key. And depending on the chosen option, you can get the BitLocker recovery key using the backups too.
Method 1: How to Get BitLocker Key Using the Command Prompt
Command Prompt may look dull, but it is one of the most powerful tools on Windows OS. From changing unauthorized system settings to performing tasks that are otherwise inaccessible to a user, the Command Prompt can help you with several (if not all) things on a Windows machine.
Here’s how to get the BitLocker recovery key from CMD:
Step 1. Press Win+R to open the Run box. Type in CMD. And, press CTRL+Shift+Enter to open an elevated Command Prompt window.
Step 2. In the Command Prompt windows, type in the following command:
manage-bde -protectors C: -get
Note: In the above command — manage-bde -protectors C: -get — “C:” is the BitLocker-protected drive. So change the drive name if you have to get the recovery key of some other volume instead of “C:” For instance, if you want to get the BitLocker recovery key for Drive “D:” — the command will be:
manage-bde -protectors D: -get
Step 3. Press Enter to obtain the BitLocker key from CMD.
Well, there you go! This is one of the methods to get the BitLocker recovery key. But, as mentioned, the method only works if you have admin privileges. Nevertheless, the below methods can help you to recover the BitLocker key via backups. So, you will not require administrative access to recover them.
Method 2: How to Get BitLocker Key Using the PowerShell
PowerShell is another powerful tool that can help you get the BitLocker recovery key. However, unlike Command Prompt — PowerShell required you to enter multiple commands to find the BitLocker recovery key. Follow these simple steps to find the BitLocker recovery key via PowerShell:
Step 1. Type in PowerShell in the search bar and select Run as administrator to open an elevated PowerShell on Windows OS.
Step 2. Enter the following command:
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
Press Enter, type in Y, And press Enter again.
Step 3. Now, enter the following command to create a location for saving the BitLocker key:
mkdir c:\temp
And press Enter.
Step 4. Type in the following command:
Get-BitlockerRecoveryKeys.ps1
Now to save the following keys at the location you created in the aforementioned step, use the following command and press Enter.
cd c:\temp
Step 5. Finally, enter the subsequent command to obtain the BitLocker recovery key:
.\Get-BitlockerRecovery.ps1
Tap on the Enter key.
Once you hit Enter, you will see the PowerShell showing you all the BitLocker Recovery Key assigned to the drives.
Method 3: Find the BitLocker Recovery Key via the Created Backups
Coming to the backups, Windows 10 offers four options to save the BitLocker key, namely: Microsoft Account (i.e., one-drive), a copy on a USB drive, a copy on the computer (.TXT file), and print. Depending on the one you chose, follow the steps to recover the BitLocker key:
1. How to find BitLocker Recovery Key from the Microsoft Account (i.e., one drive):
- From a suitable browser, Sign in to your Microsoft Account.
- Choose Devices from the list of options in the ribbon.
- Click on BitLocker Recovery Key.
- Copy or note down the recovery key.
Note: You may see two types of BitLocker Recovery Key in the Microsoft account, i.e., RDV and OSV. RDV means Removal Drive Volume (external drives keys) while OSV means Operating System Volume (internal volumes).
2. Find the BitLocker recovery key on a USB flash drive
You can simply access the USB flash drive that you used to store the BitLocker recovery key and open the .TXT file saved on it. By default the name of the file should be: BitLocker Recovery Key ******* (i.e., your recovery key). But in case you changed the name of the file to something else, ensure to find that instead.
3. Find the BitLocker Recovery Keys from the Printed copy
Another method that Microsoft recommends is to save the BitLocker key by printing a hard copy. So if you have that somewhere safe, just enter the copy of the code in the recovery key box.
4. Find the BitLocker recovery key from the .TXT file saved on the same computer
Some users might have saved the file on the same computer on another drive, so search for that file. You can make the process by searching only for the .TXT file on the computer. And in case you haven’t deleted it by mistake, you can access the .TXT file and get the BitLocker recovery keys from there.
And even if you deleted the file, you can simply use a Windows data recovery tool and get back the deleted file to unlock the BitLocker protected volume.
FAQs About Bitlocker Recovery Key
1. How can I use the BitLocker encryption on Windows 10?
Note: BitLocker encryption is not accessible for Windows 10 Home edition users. Only Windows 10 Education, Pro, and Enterprise editions have the features.
Further, you will have to verify whether your TPM supports the use of the BitLocker encryption or not. You can verify this by opening the Device Manager and access Security Devices within it. Under Security Devices, you will see Trusted Platform Module 1.2 (or some version). However, for BitLocker to work on your computer, the TPM version should be 1.2 or later.
Here’s how to enable BitLocker protection on supported Windows 10 editions:
Note: By following the steps, you will enable BitLocker Protection (hardware-based) on the operating system volume.
- Open Control Panel on Windows 10.
- Choose System & Security (also choose view by: Category)
- Select BitLocker Drive Encryption option.
- Under the Operation System Drive, choose Turn on BitLocker.
- On the pop-up windows, choose the means on where you want to save the BitLocker recovery keys.
- After saving it, tap the Next button.
- On the next screen, you will have to choose between two options, i.e., Encrypt the entire volume or Encrypt only the used Disk Space.
- Choose one of the two encryption mode options, i.e., New Encryption Mode or Compatible Mode.
- Choose Next.
- On the next screen, check the box assigned to Run BitLocker encryption.
- Click Continue.
- Choose Restart Now.
Once the device restarts, the boot may take time depending on how you choose to encrypt the volume, as encryption the whole volume takes much time to encrypt, while the ‘Used Disk Space’ encryption depends on how much space you are encrypting. So wait for the computer to restart.
There’s another way to protect the operating system volume, i.e., Software-based protection, but that is a story for some other time.
2. How can I decrypt BitLocker that is activated automatically?
In case you are wondering, yes, if your device is a modern one that meets certain requirements, then BitLocker may get enabled for one or more volumes (the drives) on your device.
Nevertheless, BitLocker is composed to save the recovery key on your Microsoft account in such cases. So you can access the Microsoft account and ascertain the code from there to unlock the BitLocker protected volume.
3. Can I recover the data on the volume if I forget the BitLocker recovery keys?
Unfortunately, no! The only solution that remains if you forget the BitLocker recovery keys is to format the drive.
4. Are there any third-party tools to find the BitLocker recovery key?
No. Formatting the drive is the only solution to unlock the drive. But that does not mean that all the data on the drive will be lost, too, as you can format the drive and use Windows data recovery software and try to recover the data utilizing the data from the formatted volume.
Conclusion
Now that you know how to find your BitLocker recovery key, you can unlock the protected volumes that are not opening using the password. Moreover, this guide also teaches you what BitLocker Recovery Key is. And also how to shield a volume on Windows 10 using it, so you can protect your sensitive information using the feature.