Additionally, the BitLocker recovery key may have been printed to Microsoft Print to PDF and then searched for PDF files on the PC. If you want to find a location where you can print or save your BitLocker key, you can find it in a paper document. Find the BitLocker recovery key in the Paper Document If you have not removed or deleted it, you can look for BitLocker Recovery Key.TXT file on your computer.Ĥ. Retrieve keys that may be saved to your computer. Find the BitLocker recovery key in the file If you save the key as a text file on the flash drive, use a different computer to read the text file.ģ.
To find the key that may be saved to a USB flash drive, plug the USB flash drive into the locked PC and follow the instructions. Find the BitLocker recovery key on a USB flash drive To retrieve the recovery key that was saved to a Microsoft account, go to visit this site:, log in with your Microsoft account, then you will see that recovery key.Ģ. Find the BitLocker recovery key in OneDrive
There are several options in Windows 10 that may save the BitLocker recovery key:ġ. If your PC is non-domain-joined PCs, and you did not backup the BitLocker recovery key initially, you could also retrieve the key through the clouds, as long as your PC is signed in with Microsoft account. If your PC is connected to a domain (usually a work or school computer), you can ask a system administrator for your recovery key.
How to Remove the Startup Key Requirement To prevent continued recovery due to a lost startup key. (The “Numerical Password” key protector displayed here is your recovery key.) To double-check whether the TPMAndStartupKey protector was added properly, you can run the following command: manage-bde -status Be careful with the key–someone that copies the key from your USB drive can use that copy to unlock your BitLocker-encrypted drive. You’ll be asked to insert the USB drive the next time you boot your computer. The key will be saved to the USB drive as a hidden file with the. manage-bde -protectors -add c: -TPMAndStartupKey x: You’ll also need to enter the drive letter of the connected USB drive you want to use as a startup key instead of x. The below command works on your C: drive, so if you want to require a startup key for another drive, enter its drive letter instead of c. On Windows 7, find the “Command Prompt” shortcut in the Start menu, right-click it, and select “Run as Administrator” On Windows 10 or 8, right-click the Start button and select “Command Prompt (Admin)”. Next, launch a Command Prompt window as Administrator. To open the Group Policy Editor, press Windows+R on your keyboard, type “gpedit.msc” into the Run dialog, and press Enter. Once you’ve enabled BitLocker, you’ll need to enable the startup key requirement in Windows’ group policy. Step Two: Enable the Startup Key in Group Policy Editor If you have a Home version of Windows, you won’t be able to use BitLocker. You may have the Device Encryption feature instead, but this works differently from BitLocker and doesn’t allow you to provide a startup key. The below steps are only necessary when enabling BitLocker on computers with TPMs, which most modern computers have.
If you go out of your way to enable BitLocker on a PC without a TPM, you can choose to create a USB startup key as part of the setup process. Before you can follow any of the steps below, you’ll need to enable BitLocker encryption on your system drive from the Control Panel.
This, obviously, requires BitLocker drive encryption, which means it only works on Professional and Enterprise editions of Windows. Step One: Enable BitLocker (If You Haven’t Already)