There are several recovery key files on my computer, so I'm unsure which one is the one I need. How can I distinguish the recovery key IDs from different disks and retrieve my recovery key?
The 48-digit BitLocker recovery key is actually very important for BitLocker Drive recovery if you’ve forgot your BitLocker password and no way to unlock it. The following methods is here to help you find the BitLocker recovery key id and then regain your BitLocker recovery key.
Step 1 Click on the locked disk, it will pop up a unlock window, typically using a password.
Step 2 Click "More options" > "Enter recovery key" to unlock using the recovery key.
Step 3 A prompt displaying the recovery key ID will appear.
Note: If you have saved the recovery key as a file in your computer's file system, you can search for a recovery key file named with the recovery key id prefix:
BitLocker Recovery Key E72E4702-71D9-478B-AEB7-930407BE2C8A.TXT
The file will contain the recovery key inside:
BitLocker provides a backup option to allow you to save the recovery key ID and recovery key file again.
Step 1 Type "Manage BitLocker" in the search box and press "Enter".
Step 2 Click on the "Back up the recovery key" option next to the BitLocker-protected drive.
Step 3 Choose the location where you want to save the recovery key file, then click "Save".
Note: This operation does not generate a new recovery key; it simply creates a backup of the existing recovery key.
BitLocker Manage-bde tool is able to not only enable BitLocker, but also configure BitLocker, and get key protectors:
Step 1 Type "cmd" in the search box, and press "Shift + Ctrl + Enter" to run Command Prompt as an administrator.
Step 2 Execute the following command:
manage-bde -protectors -get E:
Note: For the sake of security, you can only retrieve both the recovery key ID and the recovery key when the disk is in an unlocked state. If the disk is locked, you can only obtain the recovery key ID. In that case, you still need to search for the recovery key file in the file system.
PowerShell can also run manage-bde commands to get BitLocker recovery key id.
Step 1 Right-click on the Windows logo key and select "Windows PowerShell (Admin)".
Step 2 Run the following commands:
Get-BitLockerVolume -MountPoint E | Format-List
The run next PowerShell command:
manage-bde -protectors -get E:
$BLV = Get-BitLockerVolume -MountPoint "E:"
Backup-BitLockerKeyProtector -MountPoint "E:" -KeyProtectorId $BLV.KeyProtector[1].KeyProtectorId
"Get-BitLockerVolume" retrieves information about the BitLocker-encrypted volume and saves it to the "$BLV" variable.
"Backup-BitLockerKeyProtector" backs up the specified recovery key ID's key protector to Active Directory (AD DS).
If you encounter the error message :
"Backup-BitLockerKeyProtector : Group policy does not permit the storage of recovery information to Active Directory."
Please refer to the article on fixing Group Policy settings that restrict recovery information storage to work out it.
I understand your requirement to without triggering the BitLocker to finish System Update.
Lydia
Yes, you can access a bitlocker-protected data drive on another computer.
Benjamin
Accessing data encrypted by BitLocker involves several steps, both from the user's perspective and within the computer's systems. Here is a detailed breakdown of the process.
Benjamin
Firstly you need to assign a drive letter to each disk and USB flash drive to identify the different BitLocker encrypted drives. To view all drives BitLocker lock status on your system, there are several methods.
Lydia
