Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

BitLocker Recovery Key File

Posted on 2014-03-04
9
Medium Priority
?
7,197 Views
Last Modified: 2016-09-29
Hi,

 I enabled BitLocker on some computers with Windows Ultimate 7.
 These computers don't have TPM, so I had to make changes to GPEDIT to make it work with USB flash drive. Each time I encrypted the hard drive, it created "BitLocker Recovery Key file" in TXT.
  I like to understand when/how these keys are used.
  So far what understand is this. I intentionally took the USB flash drive out of the computer and restarted it. Then the computer prompted for 48 digit key - BitLocker Recovery Key, I entered: 712921-100232-438999-066539-157036-381612-571373-133782 and it continued to load OS.

But when do I use and what is the purpose of:

Recovery key identification: E8AACEDF-41E8-49
Full recovery key identification: E8AACEDF-41E8-49BD-9188-00E58F51EFA9


BitLocker Recovery Key E8AACEDF-41E8-49BD-9188-00E58F51EFA9.txt
-------------- Contents --------------------------
BitLocker Drive Encryption Recovery Key

The recovery key is used to recover the data on a BitLocker protected drive.

To verify that this is the correct recovery key compare the identification with what is presented on the recovery screen.

Recovery key identification: E8AACEDF-41E8-49
Full recovery key identification: E8AACEDF-41E8-49BD-9188-00E58F51EFA9

BitLocker Recovery Key:
712921-100232-438999-066539-157036-381612-571373-133782
-------------- Contents --------------------------
0
Comment
Question by:sglee
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
  • +1
9 Comments
 
LVL 88

Accepted Solution

by:
rindi earned 612 total points
ID: 39903666
If the OS crashes or you re-install it, you would need the USB stick in order to be able to access the encrypted files again.

You would also need it if the user account is deleted and doesn't exist anymore. A new user account gets a unique ID which is different from the original one, even if the name and password are the same. Encryption is tied to the original unique user account.
0
 

Author Comment

by:sglee
ID: 39903921
What is the purpose of :
Recovery key identification: E8AACEDF-41E8-49
Full recovery key identification: E8AACEDF-41E8-49BD-9188-00E58F51EFA9
0
 
LVL 88

Expert Comment

by:rindi
ID: 39904080
That is to identify which key is needed. You can have several keys on such a USB stick. Check part 6 onward in the Link below:

http://www.eightforums.com/tutorials/21433-bitlocker-recovery-unlock-drive-windows-8-a.html?filter[1]=Security%20System%20Tools
0
Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

 
LVL 56

Assisted Solution

by:McKnife
McKnife earned 608 total points
ID: 39904207
Bitlocker uses so-called "protectors". Those can be the TPM, the TPM and the PIN together, or a password, or the startup key on USB or diskette. You can have multiple protectors. To identify, what drive is being talked about and what protector, this ID is used. It's unique.
0
 

Author Comment

by:sglee
ID: 39905292
Say I have a PC with a 2nd internal HD and a couple of external USB hard drives. I like to encrypt two internal hard drives and two external USB hard drives.  With that:
(1) Can I store "Startup Key" for each hard drive during the encryption process in one USB flash drive?
0
 
LVL 56

Expert Comment

by:McKnife
ID: 39906065
Yes, you can.
0
 
LVL 56

Expert Comment

by:McKnife
ID: 39920829
By the way, the selected answer is incorrect. The usb drive is a startup key, that's not the recovery key, don't confuse it. Also wrong: bitlocker encryption is never tied to any  user account, this is not EFS.
0
 

Expert Comment

by:Sidharth Abi
ID: 41822578
My Bitlocker recovery key Id start in 7E4FC9E5 please could u say full recovery key
0
 
LVL 56

Expert Comment

by:McKnife
ID: 41822634
Sidhart, ask your own question and describe your situation.
No one here or at Microsoft has your key, sorry. It might have been saved online, or to a file or printed, that's all. Online (just in case it was saved online): https://onedrive.live.com/recoverykey
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
There are many Password Managers (PM) out there to choose from. PM's can help with your password habits and routines, but they should not be a crutch you rely on too heavily. I also have an article for company/enterprise PM's.
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question