Bitlocker recover key?

I'm trying to help a friend with her ASUS T100 10-Inch Transformer Laptop. She got it for Christmas last year, and I helped her set it up at the time. Her child was playing with it, and evidently triggered the "too many password attempts" and now it cannot be accessed - when booted, it says: "Automatic Repair - your PC did not start correctly" and then anything under Advance Options requires the Bitlocker recover key.

Here's the thing... when we use her email (the email address I used in setting up the computer) to get the bitlocker recovery key, it says there's no key. I even tried an older email address on the off-chance it was under that one.

She has a number of files and unreplaceable pictures of her baby on this machine, and I'm hoping to find some way to help her out.

Thoughts?
LVL 38
lherrouAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

McKnifeCommented:
Who setup bitlocker? He will have the recovery key. It had to be printed or saved.
lherrouAuthor Commented:
Windows 8.1 encrypts drives by default. During initial PC setup, I entered her gmail address and that email address allows her to log into the bitlocker recovery area, but when she logs in, it says no bitlocker keys are found. At the time of setup, no printer was available, so it wasn't printed.
Christopher Jay WolffWiggle My Legs, OwnerCommented:
Hi people.
Should the UEFI be checked to make sure TPM is enabled?  Or if the computer was running, properly that means TPM was enabled?  A wild stab in the dark.

This quote and link explains you're out of luck as you may have already guessed and as MacKnife probably knows and hasn't said yet.  :)
Bitlocker Key out of luck.
http://windows.microsoft.com/en-us/windows-8/bitlocker-recovery-keys-faq



Here is a Bitlocker recovery guide with some tools mentioned.  I don't think it will help but MacKnife can explain possibilities if they exist here.  It also lists causes of bitlocker recovery kickin, and the Recovery Environment issues as shown here.
Windows RE and Bitlocker.
https://technet.microsoft.com/en-us/library/dn383583.aspx#BKMK_AppendixC
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

lherrouAuthor Commented:
OK, good link. I already knew most of that, but I did find this in the options list, which was a bit of information I hadn't encountered before:
>> A data recovery agent can use their credentials to unlock the drive. If the drive is an operating system drive, the drive must be mounted as a data drive on another computer for the data recovery agent to unlock it.
lherrouAuthor Commented:
Oops, nope. It doesn't mean what it sounded like. Only works when a certificate has been installed on the machine in advance.
Gerwin Jansen, EE MVETopic Advisor Commented:
>> the bitlocker recovery area
It that something on the system or is it just a mail being sent to that address?

Could it be that the recovery key is stored on Microsoft Live drive instead? Credentials (username) for Live could just be that gmail address.
lherrouAuthor Commented:
Correct. I was speaking of logging into the Bitlocker recovery section on M$ Live. When she does, it says no Bitlocker Recovery Keys are available.
Gerwin Jansen, EE MVETopic Advisor Commented:
>> When she does, it says no Bitlocker Recovery Keys are available.
Contact Microsoft then (probably won't help), try logging onto Live with your account:

https://onedrive.live.com/recoverykey
Gary CaseRetiredCommented:
"... She has a number of files and unreplaceable pictures of her baby on this machine, and I'm hoping to find some way to help her out. "  ==>  ... and, I gather, no backups !!       ALL hard drives fail -- bitlocker encrypted or not.

Did you set this up to make occasional system image backups to an external drive by any chance?    Those are NOT encrypted -- so the data would be available in the image (or you could just restore it).
lherrouAuthor Commented:
Unfortunately. no. This is a friend, and she got the machine for Christmas last year. She's not too sophisticated a user.

For my son's Win 8.1 machine, I set up an account on OpenDrive, so it backs up all his important college files and his pictures, etc. regularly. I don't think this machine would be in my hands now if she had taken my suggestions for something like that.
Jason C. LevineDon't talk to me.Commented:
Todd,

Have you attempted to run the bitlocker repair tool yet?
lherrouAuthor Commented:
I think I have to have the recovery password to do that, and that's the issue... no recovery password.
David Johnson, CD, MVPOwnerCommented:
You're done.. there is nothing you can do without the recovery key.. I save mine onto a USB drive that is on my key chain. Treat it like a hard drive failure.. in the future, google and others offer unlimited picture backup
McKnifeCommented:
Before we all conclude "you're done" or something similar, let's step back for a moment.

You write "8.1 automatically encrypts" - not true. The device encryption feature (which is not BL but similar technology) is only used automatically if a TPM is present AND an MS account is being used. So when setting up the computer, the first MS user will be the one whose cloud storage will be used to save the recovery key. Who was that? Obviously not the one you suspect but another account.

Then you write that at setup time, there was no printer installed so the key will not have been printed. Ok, but there will be a key. There's no way no backup has been created - it is mandatory, the encryption does not start without.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Gerwin Jansen, EE MVETopic Advisor Commented:
The no key part is clear, only hope is to get key from M$ - if it ever was stored successfully on the recovery area in onedrive.
lherrouAuthor Commented:
>> Ok, but there will be a key. There's no way no backup has been created - it is mandatory, the encryption does not start without.

True, but the owner doesn't remember what method she used to store it. And, of the three options, I know it was never connected to a printer, we've tried to find the key through M$ Live, and she doesn't recall saving to a USB drive (and unfortunately, it's possible to save to the c:\ drive, which could mean it's there, but encrypted with everything else).

I'll be contacting M$ and see what I can find out.
McKnifeCommented:
It's not possible to save to c:. We can save to \\localhost\c$, but not to c: and I don't think she knows such tricks.

Good luck with MS.
lherrouAuthor Commented:
We actually found two more accounts on Live that she owned, and were able to recover the passwords to both of those accounts, one of which had the Bitlocker Recovery Key. It was a hassle. The lessons learned were:

1) Pay attention during setup!
2) Use backups
3) Know where your accounts are, and how to access them.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 8

From novice to tech pro — start learning today.