BitLocker recovery, where/how to find BitLocker recovery key in Windows 10/8/7?

Updated by Tim to BitLocker Recovery Tips on September 24th, 2020

Table of Content

What is BitLocker recovery key?

A BitLocker recovery key, aka Microsoft recovery key or Windows recovery key, it is a special key that was automatically generated when encrypting the specific drive with BitLocker drive encryption.

BitLocker recovery key is stored in a .BEK file named like BitLocker Recovery Key 444C8E16-45E7-4F23-96CE-3B3FA04D2189.BEK as below:

BitLocker recovery key

BitLocker recovery key format: 419595-387156-44334-315590-197472-399399-320562-361383

BitLocker recovery key is used to unlock your BitLocker drive when you forget the password or the BitLocker password is not working.

Where/How to find BitLocker recovery key in Windows 10/8/7?

There are five methods to find BitLocker recovery key on Microsoft site: http://windows.microsoft.com/recoverykeyfaq (the previous page is aka.ms/recoverykeyfaq), this article will tell you seven methods to find BitLocker recovery key:

Option 1: In your Microsoft account

To retrieve the recovery key that was stored to onedrive, visit the site:https://account.microsoft.com/devices/recoverykey (The previous page is http://windows.microsoft.com/recoverykey), sign in with your Microsoft account and then you will see the recovery key.

Option 2: Find BitLocker recovery key on a USB flash drive

To find the recovery key, insert that USB flash drive into your computer and view it.

BitLocker recovery key on a USB drive

Option 3: Find the BitLocker recovery key in a txt file

Recovery key may be saved as a txt file in your computer. If you have not deleted it, search BitLocker Recovery Key.txt in your computer.

BitLocker recovery key

Option 4: Find the BitLocker recovery key in a document

If you printed BitLocker recovery key to a "Microsoft Print to PDF", search for pdf file on your computer.

Print BitLocker recovery key

Option 5: In Active Directory

If you are a domain user, the recovery key may be saved to Active Directory (AD), contact your administrator to get it.

BitLocker Recovery Password Viewer can locate and view BitLocker recovery key that is stored in Active Directory (AD).

In Active Directory Users and Computers, locate and then click the container in which the computer is located. For example, click the Computers container.

Right-click the computer object, and then click Properties.

In the ComputerName Properties dialog box, click the BitLocker Recovery tab to view the BitLocker recovery keys that are associated with the particular computer.

Option 6: In your Azure Active Directory account

For work PCs where you sign in with an Azure Active Directory account, see the device info for your Microsoft Azure account and get recovery key.

Option 7: Using a BitLocker password brute-force cracking tool

Refer to: How to unlock BitLocker drive without password and recovery key?

How to bypass BitLocker recovery key?

If you cannot get BitLocker recovery key with key ID, there are two BitLocker brute-force cracking tools you can have a try.

1. Recover the lost BitLocker recovery key with Passware Kit

Passware Kit scans the physical memory image file and the system hibernation file (hiberfil.sys), extracts all the encryption keys, and decrypts the BitLocker encrypted volume. Refer to How to decrypt BitLocker volume with Passware Kit?

2. Recover the lost BitLocker recovery key with Elcomsoft Forensic Disk Decryptor

Elcomsoft Forensic Disk Decryptor could extract data from a BitLocker encrypted volume by utilizing the binary encryption key contained in the computer's RAM. It could find and extract that key by analyzing the memory dump or hibernation file.

Learn where BitLocker recovery key is stored

Recovery key may be saved in a number of locations depending on the version of Windows OS you installed:

For Windows 7, where is BitLocker recovery key stored?

  • Recovery key may be stored as a txt file
  • Recovery key may be stored to a USB flash drive
  • Recovery key may be physically printed

For Windows 8, where is BitLocker recovery key stored?

  • Recovery key may be stored as a txt file
  • Recovery key may be stored to a USB flash drive
  • Recovery key may be physically printed
  • Recovery key may be stored to your Microsoft account
  • Four options to save the recovery key

    For Windows 10, where is BitLocker recovery key stored?

  • Recovery key may be stored as a txt file
  • Recovery key may be stored to a USB flash drive
  • Recovery key may be physically printed
  • Recovery key may be stored to your Microsoft account
  • Recovery key may be stored to your Azure Active Directory account

So if you are a non-domain user, recovery key may be stored in your Microsoft account, USB flash drive, a txt file or printed paper.

If you are a domain user, BitLocker recovery key may be stored to Active Directory (AD), contact your administrator to get it.

BitLocker recovery key ID part

What is BitLocker recovery key ID?

BitLocker recovery key ID is BitLocker recovery key identifier. If recovery key ID matches the one displayed on your drive, you can unlock that drive. If recovery key ID doesn't match the one displayed on your drive, you need to find the correct recovery key. Otherwise, you cannot unlock that drive.

How to verify if the BitLocker recovery key is correct?

To verify if BitLocker recovery key is correct, compare the start of the full BitLocker recovery key identifier with recovery key ID value. See below example:

BitLocker recovery key ID

How to find BitLocker recovery key ID value?

For the BitLocker encrypted operating system volume, BitLocker recovery key ID is displayed on the BitLocker recovery screen.

BitLocker recovery screen

For BitLocker encrypted data drive, BitLocker recovery key ID is displayed when users click on "More options" and then on Enter recovery key in the wizard to unlock a BitLocker drive.

BitLocker recovery key ID

How to get BitLocker recovery key with key ID?

If you can find BitLocker recovery key txt file or saved the BitLocker recovery key in your Microsoft account, AD, Azure AD, you can find the correct BitLocker recovery key according to key ID. Otherwise, there is no way to get BitLocker recovery key.

To verify if it is the correct BitLocker recovery key, compare the start of the full BitLocker recovery key identifier with the recovery key ID value that is displayed on your BitLocker drive, see below example:

BitLocker recovery key ID

What is BitLocker recovery?

BitLocker recovery is the process by which you can restore access to a BitLocker encrypted drive in the event that you cannot unlock BitLocker encrypted drive normally.

If it is a BitLocker encrypted operating system drive, connect it to another computer or find a BitLocker recovery boot disk to recover your data.

How to do BitLocker recovery?

Unlike common data recovery, BitLocker recovery requires intact BitLocker metadata and password or BitLocker recovery key to decrypt data.

BitLocker recovery software

Sometimes, the password and recovery key won't unlock BitLocker encrypted drive. In this situation,, a professional BitLocker recovery software is needed.

M3 BitLocker Recovery is a professional BitLocker data recovery software. It can recover data from failed, corrupted, lost or deleted BitLocker encrypted partition, etc. after supplying the password or recovery key.

Tutorial to recover lost data from BitLocker encrypted drive

Step 1: Download, install and launch M3 BitLocker Recovery on your Windows computer.

M3 BitLocker Recovery

Step 2: Select BitLocker encrypted drive and click Next to continue.

Step 3: Enter the password or 48-digit BitLocker recovery key to decrypt data from BitLocker encrypted drive.

M3 BitLocker Recovery - Enter the password or 48-digit BitLocker recovery key

Step 4: M3 BitLocker Recovery is scanning and decrypting the data from the specific BitLocker encrypted drive.

Scan data from BitLocker encrypted drive

Step 5: After all your files are found, preview the documents, photos and play the videos, audios to see if your lost files are recoverable.

File preview of M3 BitLocker Recovery

Step 6: Select the needed files and click "Recover" to start the recovery.

If you find some recovered files cannot be opened, please check "Revert decryption" option and recover them again.

BitLocker recovery scenarios

1. If your BitLocker encrypted drive is in good condition, just enter the password or recovery key to unlock BitLocker encrypted drive.

2. If you forget the password or recovery key, unlocking drive is still possible. Refer to: How to unlock BitLocker encrypted drive without password and recovery?

3. If your BitLocker encrypted computer is experiencing BitLocker recovery screen issue, enter recovery key to pass BitLocker recovery screen.

4. If your BitLocker encrypted drive keeps asking for recovery key, enter the recovery key or use M3 BitLocker Recovery to rescue your data.

5. If your BitLocker encrypted drive doesn't accept the correct password or recovery key, use M3 BitLocker Recovery to recover your data.

6. If your BitLocker encrypted drive failed, the only way is to recover data with M3 BitLocker Recovery.

7. If your BitLocker encrypted drive is corrupted or damaged, M3 BitLocker Recovery can rescue your data.

8. If your BitLocker partition is deleted or lost, M3 BitLocker Recovery can find the previous BitLocker partition and recover data.

9. If BitLocker encrypted drive is formatted by Windows 7/8/10 built-in format tool, formatting has damaged BitLocker metadata so that lost data cannot be recovered. If you formatted BitLocker encrypted drive by other tool or other operating system, recovering data from formatted BitLocker encrypted drive is possible.

10. If your BitLocker encrypted drive is not recognized by Disk Management or Device Manager, send it to a local data recovery professional for help.

Common BitLocker recovery error

1. Recovery error. Error recovering disk, A recovery key was not found on this drive. The drive cannot be unlocked.

BitLocker recovery error: A recovery key was not found on this drive

2. Recovery error. Error recovering disk, the recovery key you typed is not correct. Type it again.

BitLocker recovery error: The recovery key you typed is not correct

3. Manage-bde failed to unlock volume with the correct password or BitLocker recovery key.

4. BitLocker encrypted drive doesn't accept correct password or BitLocker recovery key.

5. BitLocker encryption on this drive isn't compatible with your version of Windows, try opening the drive using a newer version of Windows.

BitLocker encryption on this drive isn't compatible with your version of Windows

6. BitLocker encrypted drive encryption failed to recover from an abruptly terminated conversion. This could be due to either all conversion logs being corrupted or the media being write-protected.

BitLocker encrypted drive encryption failed to recover from an abruptly terminated conversion

7. BitLocker encrypted drive is not accessible, parameter incorrect.

BitLocker encrypted drive is not accessible, parameter is incorrect

8. BitLocker recovery key or password is not working on Windows 10/8/7.

9. Disk Management shows BitLocker encrypted drive as unknown file system.

When encountering the above BitLocker recovery error, BitLocker encrypted drive cannot be unlocked so that you cannot access the data stored in BitLocker encrypted drive. In this situation, you have to find a BitLocker data recovery software to recover lost data from BitLocker encrypted drive.

Reoovery key FAQ

Q: How to get BitLocker recovery key with the recovery key ID?

A: If you are a domain user, contact your administrator to get BitLocker recovery key according to the recovery key ID.

Q: BitLocker drive doesn't accept the password and recovery key, how to unlock it?

A: In this situation, BitLocker drive has been corrupted, try M3 BitLocker Recovery to recover lost data.

Q: Why does BitLocker recovery screen prompt for recovery key every boot Windows 10/8/7?

A: You may encounter an issue so that BitLocker asks for a recovery key every boot, for example, BitLocker sees a new device in the boot list or an attached external storage device, it will prompt for the recovery key for the security reasons.

Q: What causes BitLocker to ask for recovery key?

A: Boot order is changed. The hardware has been changed. The password information has been completely erased from the BitLocker metadata due to accidental unplugging, virus attack, etc.

Q: Is there a BitLocker recovery key generator ?

A: No, every BitLocker drive has its own unique BitLocker recovery key.