Solved

BitLocker Recovery Key File

Posted on 2014-03-04
9
5,270 Views
Last Modified: 2016-09-29
Hi,

 I enabled BitLocker on some computers with Windows Ultimate 7.
 These computers don't have TPM, so I had to make changes to GPEDIT to make it work with USB flash drive. Each time I encrypted the hard drive, it created "BitLocker Recovery Key file" in TXT.
  I like to understand when/how these keys are used.
  So far what understand is this. I intentionally took the USB flash drive out of the computer and restarted it. Then the computer prompted for 48 digit key - BitLocker Recovery Key, I entered: 712921-100232-438999-066539-157036-381612-571373-133782 and it continued to load OS.

But when do I use and what is the purpose of:

Recovery key identification: E8AACEDF-41E8-49
Full recovery key identification: E8AACEDF-41E8-49BD-9188-00E58F51EFA9


BitLocker Recovery Key E8AACEDF-41E8-49BD-9188-00E58F51EFA9.txt
-------------- Contents --------------------------
BitLocker Drive Encryption Recovery Key

The recovery key is used to recover the data on a BitLocker protected drive.

To verify that this is the correct recovery key compare the identification with what is presented on the recovery screen.

Recovery key identification: E8AACEDF-41E8-49
Full recovery key identification: E8AACEDF-41E8-49BD-9188-00E58F51EFA9

BitLocker Recovery Key:
712921-100232-438999-066539-157036-381612-571373-133782
-------------- Contents --------------------------
0
Comment
Question by:sglee
  • 4
  • 2
  • 2
  • +1
9 Comments
 
LVL 88

Accepted Solution

by:
rindi earned 153 total points
ID: 39903666
If the OS crashes or you re-install it, you would need the USB stick in order to be able to access the encrypted files again.

You would also need it if the user account is deleted and doesn't exist anymore. A new user account gets a unique ID which is different from the original one, even if the name and password are the same. Encryption is tied to the original unique user account.
0
 

Author Comment

by:sglee
ID: 39903921
What is the purpose of :
Recovery key identification: E8AACEDF-41E8-49
Full recovery key identification: E8AACEDF-41E8-49BD-9188-00E58F51EFA9
0
 
LVL 88

Expert Comment

by:rindi
ID: 39904080
That is to identify which key is needed. You can have several keys on such a USB stick. Check part 6 onward in the Link below:

http://www.eightforums.com/tutorials/21433-bitlocker-recovery-unlock-drive-windows-8-a.html?filter[1]=Security%20System%20Tools
0
 
LVL 53

Assisted Solution

by:McKnife
McKnife earned 152 total points
ID: 39904207
Bitlocker uses so-called "protectors". Those can be the TPM, the TPM and the PIN together, or a password, or the startup key on USB or diskette. You can have multiple protectors. To identify, what drive is being talked about and what protector, this ID is used. It's unique.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 

Author Comment

by:sglee
ID: 39905292
Say I have a PC with a 2nd internal HD and a couple of external USB hard drives. I like to encrypt two internal hard drives and two external USB hard drives.  With that:
(1) Can I store "Startup Key" for each hard drive during the encryption process in one USB flash drive?
0
 
LVL 53

Expert Comment

by:McKnife
ID: 39906065
Yes, you can.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 39920829
By the way, the selected answer is incorrect. The usb drive is a startup key, that's not the recovery key, don't confuse it. Also wrong: bitlocker encryption is never tied to any  user account, this is not EFS.
0
 

Expert Comment

by:Sidharth Abi
ID: 41822578
My Bitlocker recovery key Id start in 7E4FC9E5 please could u say full recovery key
0
 
LVL 53

Expert Comment

by:McKnife
ID: 41822634
Sidhart, ask your own question and describe your situation.
No one here or at Microsoft has your key, sorry. It might have been saved online, or to a file or printed, that's all. Online (just in case it was saved online): https://onedrive.live.com/recoverykey
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SSD Boot Drive Disappeared in Bios - Power Locked? 51 82
More on Time zones in vb 2010 12 37
Windows Remote Assistance 5 20
Name space syntax error 12 40
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
By default the complete memory dump option is disabled in windows . If we want to enable the complete memory dump for a diagnostic purpose, we have a solution for it. here we are using the registry method to enable this.
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now