Backup BitLocker Recovery Key in Windows 10

How to Backup BitLocker Recovery Key for a Drive in Windows 10

When you enable BitLocker for a fixed or removable data drive, you can configure it to ask for a password to unlock the drive. Also, BitLocker will automatically create a special recovery key. Recovery keys can be used to restore access to your files if you forgot your password for a removable or fixed drive, or if the system drive is encrypted using BitLocker, and BitLocker fails to unlock the drive on startup.

Advertisment

This means that if you lose your recovery keys for BitLocker protected drives, you won't be able to decrypt your data. That's why it is important to back recovery keys for BitLocker.

BitLocker was first introduced in Windows Vista and still exists in Windows 10. It was implemented exclusively for Windows and has no official support in alternative operating systems. BitLocker can utilize your PC's Trusted Platform Module (TPM) to store its encryption key secrets. In modern versions of Windows such as Windows 8.1 and Windows 10, BitLocker supports hardware-accelerated encryption if certain requirements are met (the drive has to support it, Secure Boot must be on and many other requirements). Without hardware encryption, BitLocker switches to software-based encryption so there is a dip in your drive's performance. BitLocker in Windows 10 supports a number of encryption methods, and supports changing a cipher strength.

Butlocker Drive Encryption

Note: In Windows 10, BitLocker Drive Encryption is only available in the Pro, Enterprise, and Education editions. BitLocker can encrypt the system drive (the drive Windows is installed on), and internal hard drives. The BitLocker To Go feature allows protecting files stored on a removable drives, such as a USB flash drive.

To Backup BitLocker Recovery Key in Windows 10,

  1. Open Control Panel\System and Security\BitLocker Drive Encryption.
  2. On the right, find your encrypted drive or partition.
  3. Unlock the drive if it is locked.
  4. Click on the Back up your recovery key link.Windows 10 BitLocker Back Up Your Recovery Key Link
  5. Choose how to backup the encryption key. See below.Save Bitlocker Key For Fixed Drive
  6. Click on the Finish button when you have finished backing up your recovery key.BitLocker Finish Button For Recovery Key Dialog

You are done. Here are some details on backup options available for BitLocker.

BitLocker Backup Options for Recovery Key

  • Microsoft account - this option is available for Windows 10 users signed in with Microsoft Account. You recovery key will be uploaded to the cloud using the OneDrive service bundled with Windows 10.Windows 10 BitLocker Recovery Keys In OneDrive
  • USB flash drive - this option allows saving your BitLocker recovery key as a text file to a removable flash drive. It is only available for fixed data drives.Windows 10 BitLocker Save Recovery Key To USB Drive
  • File - this will write the recovery key to a text file stored on your local computer. You will be able to browse for a directory to save the file to.Windows 10 BitLocker Save Recovery Key To File
  • Print - this will print the BitLocker recovery key to the selected printer.Windows 10 BitLocker Print Recovery Key

In addition to the Control Panel options, you can backup your BitLocker recovery key using Command Prompt or PowerShell. Here's how.

Backup BitLocker Recovery Key in Command Prompt

  1. Open a new command prompt as Administrator.
  2. Type and run the following command: manage-bde -protectors -get <drive letter>: > %UserProfile%\Desktop\BitLockerRecoveryKey.txt.Windows 10 BitLocker Back Up Your Recovery Key In Cmd
  3. Substitute <drive letter> with the actual drive letter of the drive you want to backup your recovery key for. For example: manage-bde -protectors -get E: > %UserProfile%\Desktop\BitLockerRecoveryKey.txt.
  4. Your recovery key will be saved to the BitLockerRecoveryKey.txt file on your Desktop.Windows 10 BitLocker Back Up Your Recovery Key In Cmd 2

Finally, you can use PowerShell for the same task.

Backup BitLocker Recovery Key in PowerShell

  1. Open PowerShell as Administrator.
  2. Type and run the following command: (Get-BitLockerVolume -MountPoint <drive letter>).KeyProtector > $env:UserProfile\Desktop\BitLockerRecoveryKey.txt.Windows 10 BitLocker Back Up Your Recovery Key In Powershell
  3. Substitute <drive letter> with the actual drive letter of the drive you want to backup your recovery key for. For example: (Get-BitLockerVolume -MountPoint E).KeyProtector > $env:UserProfile\Desktop\BitLockerRecoveryKey.txt.
  4. Your recovery key will be saved to the BitLockerRecoveryKey.txt file on your Desktop.Windows 10 BitLocker Back Up Your Recovery Key In Powershell 2

That's it.

Advertisment

Leave a Reply

Your email address will not be published. Required fields are marked *