Results 1 to 11 of 11
  1. #1
    New Lounger
    Join Date
    Dec 2013
    Posts
    6
    Thanks
    1
    Thanked 4 Times in 4 Posts

    Lightbulb Startup Recovery with Bitlocker - didn't back up Recovery Key

    "I don't need that stupid Recovery Key; it'll never be necessary. I know what my Bitlocker password is because I type it every time I switch on my computer; I'm hardly likely to forget it."

    Ahem. Pride goes before a fall, I believe the Book of Proverbs says...

    Turns out the Recovery Key is needed in certain situations, one of them being Startup Repair. My Windows 8.1 machine didn't shut down properly, and so wanted to do an automatic repair when it next booted. I was asked for my Bitlocker password as normal when the machine booted, but the Repair process wanted the Bitlocker Recovery Key, not the password.

    And guess who didn't bother backing up his Recovery Key because, after all, "it'll never be necessary..."

    All is not lost, however. The Recovery Key can still be retrieved. After clicking "Skip this drive", one can get to a Command Prompt through the Troubleshoot -> Advanced options -> Command Prompt options.

    Once at the Command Prompt, retrieving the Bitlocker Recovery Key is a two step process:
    • Unlock the encrypted drive
    • Display the encryption protectors

    The Manage-bde.exe Parameter Reference came to the rescue, but still required a bit of experimentation. That page only shows the "-password" parameter in the section about enabling Bitlocker encryption, but it turns out that "-password" is supported for other functions, including "-unlock".

    To unlock my drive, I typed manage-bde -unlock c: -password. The program prompted me for my password (with no visible confirmation of key presses) and then unlocked the volume.

    Then, to retrieve the Recovery Key, I typed manage-bde -protectors c: -get. Hey presto! There was my 48-digit Recovery Key in all its glory. That Recovery Key has now been backed up somewhere safe, because I don't want to go through this rigmarole again.

  2. The Following User Says Thank You to Alex Morris For This Useful Post:

    RetiredGeek (2015-03-16)

  3. #2
    New Lounger
    Join Date
    Mar 2015
    Posts
    1
    Thanks
    0
    Thanked 1 Time in 1 Post

    Thumbs up

    Quote Originally Posted by Alex Morris View Post
    "I don't need that stupid Recovery Key; it'll never be necessary. I know what my Bitlocker password is because I type it every time I switch on my computer; I'm hardly likely to forget it."

    Ahem. Pride goes before a fall, I believe the Book of Proverbs says...

    Turns out the Recovery Key is needed in certain situations, one of them being Startup Repair. My Windows 8.1 machine didn't shut down properly, and so wanted to do an automatic repair when it next booted. I was asked for my Bitlocker password as normal when the machine booted, but the Repair process wanted the Bitlocker Recovery Key, not the password.

    And guess who didn't bother backing up his Recovery Key because, after all, "it'll never be necessary..."

    All is not lost, however. The Recovery Key can still be retrieved. After clicking "Skip this drive", one can get to a Command Prompt through the Troubleshoot -> Advanced options -> Command Prompt options.

    Once at the Command Prompt, retrieving the Bitlocker Recovery Key is a two step process:
    • Unlock the encrypted drive
    • Display the encryption protectors

    The Manage-bde.exe Parameter Reference came to the rescue, but still required a bit of experimentation. That page only shows the "-password" parameter in the section about enabling Bitlocker encryption, but it turns out that "-password" is supported for other functions, including "-unlock".

    To unlock my drive, I typed manage-bde -unlock c: -password. The program prompted me for my password (with no visible confirmation of key presses) and then unlocked the volume.

    Then, to retrieve the Recovery Key, I typed manage-bde -protectors c: -get. Hey presto! There was my 48-digit Recovery Key in all its glory. That Recovery Key has now been backed up somewhere safe, because I don't want to go through this rigmarole again.
    You, Sir, deserve a medal. I felt like I was searching in vain because my problem (and thinking) was exactly as you described, and yet every response to other people's queries seemed to be "you should have known/too bad."

    Your solution worked for me, and I registered on this site just to say as much. Thanks.

  4. The Following User Says Thank You to jimjobe For This Useful Post:

    Alex Morris (2015-03-16)

  5. #3
    New Lounger
    Join Date
    Dec 2013
    Posts
    6
    Thanks
    1
    Thanked 4 Times in 4 Posts

    Thumbs up

    Quote Originally Posted by jimjobe View Post
    You, Sir, deserve a medal. I felt like I was searching in vain because my problem (and thinking) was exactly as you described, and yet every response to other people's queries seemed to be "you should have known/too bad."

    Your solution worked for me, and I registered on this site just to say as much. Thanks.
    Heh. Wow. I'd forgotten I'd written that; it was a while ago.

    I'm glad it was useful for you. You're very welcome.

  6. #4
    5 Star Lounger access-mdb's Avatar
    Join Date
    Dec 2009
    Location
    Oxfordshire, UK
    Posts
    1,056
    Thanks
    92
    Thanked 81 Times in 77 Posts
    Quote Originally Posted by jimjobe View Post
    You, Sir, deserve a medal. I felt like I was searching in vain because my problem (and thinking) was exactly as you described, and yet every response to other people's queries seemed to be "you should have known/too bad."

    Your solution worked for me, and I registered on this site just to say as much. Thanks.
    Welcome as a new poster and hopefully you will become a regular user, both asking for help and giving helpful answers as well.

  7. #5
    New Lounger
    Join Date
    May 2015
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Alex Morris View Post
    "I don't need that stupid Recovery Key; it'll never be necessary. I know what my Bitlocker password is because I type it every time I switch on my computer; I'm hardly likely to forget it."

    Ahem. Pride goes before a fall, I believe the Book of Proverbs says...

    Turns out the Recovery Key is needed in certain situations, one of them being Startup Repair. My Windows 8.1 machine didn't shut down properly, and so wanted to do an automatic repair when it next booted. I was asked for my Bitlocker password as normal when the machine booted, but the Repair process wanted the Bitlocker Recovery Key, not the password.

    And guess who didn't bother backing up his Recovery Key because, after all, "it'll never be necessary..."

    All is not lost, however. The Recovery Key can still be retrieved. After clicking "Skip this drive", one can get to a Command Prompt through the Troubleshoot -> Advanced options -> Command Prompt options.

    Once at the Command Prompt, retrieving the Bitlocker Recovery Key is a two step process:
    • Unlock the encrypted drive
    • Display the encryption protectors

    The Manage-bde.exe Parameter Reference came to the rescue, but still required a bit of experimentation. That page only shows the "-password" parameter in the section about enabling Bitlocker encryption, but it turns out that "-password" is supported for other functions, including "-unlock".

    To unlock my drive, I typed manage-bde -unlock c: -password. The program prompted me for my password (with no visible confirmation of key presses) and then unlocked the volume.

    Then, to retrieve the Recovery Key, I typed manage-bde -protectors c: -get. Hey presto! There was my 48-digit Recovery Key in all its glory. That Recovery Key has now been backed up somewhere safe, because I don't want to go through this rigmarole again.


    Hi I was wondering I was trying to do this it didn't seem to wrk for me I have got to the command prompt when booting up. Cant log in without the recovery key made a change to the system I know the start up pin could you please help

  8. #6
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    5,517
    Thanks
    20
    Thanked 485 Times in 462 Posts
    Stephen, have you typed this command: manage-bde -unlock c: -password
    If that is successful, type this to show the recovery key: manage-bde -protectors c: -get

    cheers, Paul

  9. #7
    New Lounger
    Join Date
    May 2015
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Paul T View Post
    Stephen, have you typed this command: manage-bde -unlock c: -password
    If that is successful, type this to show the recovery key: manage-bde -protectors c: -get

    cheers, Paul
    Hi Paul, I can only get to the command prompt through advanced startup recovery. It keeps saying something about not the correct paramter when I run that command. not sure whats wrong. Could be just entering it wrong I will try it tomorrow

    Thanks

  10. #8
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    5,517
    Thanks
    20
    Thanked 485 Times in 462 Posts
    Try this syntax.
    manage-bde -protectors -get C:

    cheers, Paul

  11. #9
    New Lounger
    Join Date
    May 2015
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hi Paul I will try that now,

    Its the first part which doesn't work for me

    manage-bde -unlock c: -password

    It doesn't ask me for password it just says something about the parameter not existing.

    If I do it on a laptop that can get on this command works perfectly

    I have a start up pin and no recovery key. Its strange as this is the exact same scenario as the persons above Any help would be apperciated

  12. #10
    New Lounger
    Join Date
    May 2015
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    it says error occurred code 0x80070057

  13. #11
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    5,517
    Thanks
    20
    Thanked 485 Times in 462 Posts
    Do you have more than one partition?
    https://support.microsoft.com/en-us/kb/2019926

    Are you running the correct level of Windows?
    https://social.technet.microsoft.com...7itprosecurity

    cheers, Paul

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •