BitLocker first introduced in Microsoft Windows Vista is designed to protect user data by encryption the selected volume. Along with data encryption, users can also have system files and Windows boot validation thereby achieving system integrity. The BitLocker, in particular, is really helpful when you have very secret data and do not want that to go in the hands of unauthorized users when your device is stolen or lost.
The access of data using BitLocker is possible via a password or smart card which you can use to unlock the encrypted driver. Whenever you setup BitLocker drive encryption, BitLocker offers you option to save the recovery key.
The recovery key is an extremely important part of BitLocker, at any point in time if you forgot the password or lost smart card, the only way to access your data which you had encrypted using BitLocker would recovery key.
Hence you must backup, and securely keep the BitLocker recovery key. If you hadn’t done that when the option to backup recovery key was offered by BitLocker Drive Encryption then here are the ways by which you can still do it and save yourself from terrible data lose or getting locked out from your own data.
Note: This guide will not be helpful if you have lost the password and doesn’t have recovery keys backed up at all.
How to Backup BitLocker Recovery Keys on Windows 10
Manage BitLocker is the best was to backup recovery key. Follow below instructions to do the recovery key backup,
- At Cortana Search, type BitLocker and click and open Manage BitLocker
- Under BitLocker Encryption Control Panel, next to encrypted driver look for the Backup your recovery key option and click on it.
- From the list you can select any method and way you want to save recovery backup key.
The options offers are, Save to Microsoft Account, save to USB flash drive, Save to file & print the recovery key.
Do keep in mind the option to save to file doesn’t let you save it to root drive of non-removable storage. Saving it online like to Microsoft account would be the best option, as you can retrieve the key from anywhere in the world.
2.Using Command Prompt
This method is not as initiative as compared to Manager BitLocker, but still, you can use this method to back up recovery key.
- Press win+x keyboard shortcut to open quick
- Now launch Command Prompt (Admin).
- Type the following command at the command prompt, replace the drive (c:) with the one that you have encrypted using BitLocker.
manage-bde -protectors C: -get
The BitLocker key for all the drivers will be displayed on the screen, copy it and save it on the notepad.
3.Using Windows 10 PowerShell Script
A ready-made PowerShell script designed to recovery BitLocker key for backup purpose.
- Download Backup-Recovery-Key.ps1 PowerShell script and save it on desktop or root directory of your C: drive.
- Now search for Windows PowerShell at Cortana search
- Click and open Run as Administrator under Windows PowerShell
- If you haven’t set PowerShell unrestricted then type following command and press “Y” on the confirmation message.
- At the prompt type the file name including full path as shown in the below screenshot,
- The script will take the time to retrieve the BitLocker key and will be shown on the screen.
The best part of this script is it gets the recovery key for all the drivers and you do not have to repeat it for each drive that’s encrypted.