Aka.ms/recoverykeyfaq – Find your Bitlocker Recovery Key.

June 30, 2021

Find your BitLocker Recovery Key.

Your Bitlocker recovery key can be present in several places, depending on what the user did when activating BitLocker. Below, we have outlined how to find you Bitlocker recovery key in several ways. BitLocker is a encryption feature for hard-drives included with Windows Vista, Windows 7, Windows 8, Windows 10 and Windows 11.

The blue Bitlocker Recovery Key input screen, that many encounter, often materialises after a feature system update, and more commonly on HP, Lenove and Dell computers.

What is a BitLocker recovery key?

A BitLocker recovery key is a 48-digit numerical password, which is used to unlock your system, if BitLocker cannot confirm that access is authorized. The Bitlocker recovery key can be stored in your Microsoft account, or could be printed out or saved as a file. The recovery key is usually 48 characters long with dashes every five characters.

Where do I find my Bitlocker recovery key?

When you first activated Bitlocker, you would have been given four options to save your Recovery Key: Saving your recovery key to your Microsoft account in the cloud, Print it out, Save to a .TXT File, or Save on a USB Drive. So, it is important that you remember which method, you chose.

If your device, such as a laptop or console is asking you for your BitLocker recovery key, you should therefore look in the following places for it:

In your linked Microsoft account:

Visit: https://account.microsoft.com/devices/recoverykey or https://aka.ms/myrecoverykey or https://onedrive.com/recoverykey and sign in to you Microsoft account. Your recovery key will be shown on the screen. Copy it into the Bitlocker Recovery Key screen. (TIP: Try signing in with any Microsoft account that has ever been connected to this computer).

On a printout:

Your recovery key coul be on a printout that you printed saved when you activated BitLocker.

In a TXT file: If you saved the key as a TXT file on your computer, search your computer for:

BitLocker Recovery Key.TXT or BitLocker Recovery Key.BEK.However, Bitlocker does not give an option to save the key at setup on the drive/computer you are encrypting, so you will only find a TXT file if you specifically did this on your you own, after setup. The Bitlocker Encryption Key will normally be saves as a .BEK file.

On a USB flash drive:

If you have saved the key as a text file on a USB flash drive, then use a different computer to read the text file.

In an Azure Active Directory account:

If your device was used when signing in at work or to a school email account, your Bitlocker recovery key could be stored in that company’s/intitution’s Azure AD account. You could access it directly or you could contact a system administrator to access your Bitlocker recovery key.

Recovery Key Held by a system administrator:

If your device is connected to a work or school device, then ask the system administrator for your Bitlocker recovery key.

If you cannot find the Bitlocker Recovery Key, you will not be able to boot the computer and enter Windows.

Example if a Bitlocker ID Identifier and the Bitlocker recovery key. You will need to enter the recovery key on the blue Bitlocker Recovery screen.

If you are have just activated your Bitlocker account, you could also email the recovery key to yourself for storage (not recommended).

How to find forgotten Bitlocker Recovery Key (Windows 10).

Without a correct password, the Bitlocker recovery key is the only way you can unlock your BitLocker encrypted hard-drive. Here is how you find the key, if you forgot it, :

Step 1: Open the ‘Command Prompt’ in Windows 10 with or without login, by either

1. Pressing and holding the Shift key and click on Power > Restart option.

2. In the Choose an Option window, simply click on Troubleshoot > Advanced options > Command Prompt.

3. Open Command Prompt after login but pressing Windows + X then choose Command Prompt (Admin) from the menu.

4. Search gor ‘Command Promt’ in Windows Search.

Step 2: in the Command Prompt window, execute the command below to get a new BitLocker recovery key:

manage-bde -protectors G: -get

You will then see the 48-digit password which is the BitLocker recovery key. Save it and unlock BitLocker drive with this recovery key.

How to recover my Bitlocker Recovery Key without access to Windows.

This works, if you have linked your mobile device/computer with an Microsoft Account.

Summary:

  • Open a phone browser and go to the https://support.microsfoft.com, https://endpoint.microsoft.com or https://devicemanagement.microsoft.com and log in to you Microsoft account.
  • Find Device and click on ‘All Devices’.
  • Find your Bitlocker protected device/computer and click on ‘Manage’.
  • Go to the ‘Monitor’ section.
  • Click on Recovery Keys.

Watch this video for the full guide:

Restore your computer to a previous Restore Point.

If you still cannot find a working Bitlocker Recovery Key, you can restoere your Windows computer to a previous time, before Bitlocker was installed.

Start your Windows computer in BIOS startup mode.

Click on Troubleshoot.

Click on Advanced Options

Click on System Restore.

Restore your computer to a previous Restore Point before Bitlocker was activated.

Aka.ms/recoverykeyfaq.

Https://aka.ms/recoverykeyfaq is Microsoft’s own Bitlocker Recovery Key help page. It appears as an option on the blue Bitlocker Recovery screen. It is very sparse, however, and does not provide solutions to the most common problems. hence, we created this help page. For a detailed Microsoft guide for specialists, please see https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.

Why is Windows asking for my BitLocker recovery key?

BitLocker is the Windows encryption technology. Windows will ask for a BitLocker recovery key, when Windows detects an insecure connection or possible threat. Changes in hardware, firmware, or software can result in a situation where BitLocker cannot see the difference from a legit software/hardware change and a possible attack. BitLocker may then ask for the Bitlocker recovery key to make sure that it is an authorized user of a device that is trying to unlock it.

How was BitLocker installed and activated on my device?

BitLocker could have been activated t in these threee ways:

  • Your device is a modern device: The BitLocker recovery key will then be automatically saved to your Microsoft account before the Bitlocker protection is activated.
  • The Administrator of your device originally activated BitLocker protection in the Control Panel: The administrator would have activated BitLocker and chosen where to save the key or  it was automatically saved to the admiistrators/owners Microsoft account.
  • A work/school organization managing your device coul have activated BitLocker protection on your device: This organization should have your BitLocker recovery key.

What is the BitLocker recovery key ID?

This is the BitLocker recovery key identifier, and it identifies the harddrive that you are trying to encrypt/unlock.  If the Bitlocker recovery key ID matches the one on your drive, you can unlock it.
If the recovery key ID does not match the one on your drive, you will be asked for the correct Bitlocker recovery key to unlock your drive.

Leave a Reply

Your email address will not be published. Required fields are marked *