Bitlocker encrypted external hard drive does not unlock with correct password or with correct recovery key

Hi,

We have an external hard drive which was BitLocker encrypted by a Windows 10 PC.

This external hard drive is used to back up data on our PCs and servers.

Each month, we would back up  this data.

Each time the external hard drive is plugged into a PC, a password is required.

BitLocker does is not supported by our Windows Server 2003 servers so the password would not be unlocked.

Decryption is the first step we would do and then backup data from all PCs and servers.

This time, while the external hard drive was in the decrypting process and over 80% complete, the PC was accidently turned off.

After this happened, when trying to login with password to this drive to continue the decryption process, the password is not accepted.

I tried to unlock the drive by using the correct recovery key and it is also not accepted.

The last thing I tried was unlocking the drive through command line with administrative privilages with recovery key and the message back was; "The password failed to unlock volume E:".

I have researched this an some people have imaged the hard drive.

There is a lot of important data on this external hard drive and we would like to know how to unlock the drive and access the data rather than imaging the drive if possible as we would just have an external hard drive which is unusable.

All help appreciated.

Thanks,
Robbie
IP4IT StaffAsked:
Who is Participating?
 
IP4IT StaffAuthor Commented:
Hi all,

I decided to format the external hard drive.

This did result in all data being lost but we do have two external hard drives used for backup so I decided to do a fresh backup on this one as there was only one month's backup on it.

The hard drive works fine after the format had been done and hard drive partitioned.

I tested encrypting and decrypting this hard drive which works fine, also passwords and recovery keys unlock the drive as expected.

Thanks,
Robbie
0
 
Travis MartinezSmoke JumperCommented:
If you have the right recovery key and password but it's not decrypting, after an abnormal termination, it's likely the data is now lost to you.  I'll do some research on my own and see but I've been using bitlocker on Windows 10 for some time now and have never had the issue as I've not lost the PC before when the drive was decrypting.

I'll throw some data on one and see if I can replicate the issue as well.
0
 
Dr. KlahnPrincipal Software EngineerCommented:
This is one of the problems with encrypted drives.  If there is an abnormal termination, the entire contents of the drive can be lost as the system never goes through the normal Windows shutdown process.

There is no practical way at present to break Bitlocker encryption, and Microsoft does not have a back door into it ... at least, not one that they are admitting.

I'm afraid that Travis is correct and that everything on that drive must now be considered irretrievably lost.

This external hard drive is used to back up data on our PCs and servers.

Encrypting a backup is a very poor choice, because -- as you've discovered -- if anything goes wrong, all data is lost.

Whoever decided on this policy should now be made to bear the consequences of that decision.

Backups should be kept in a secure location, unencrypted.  Is that less secure than encrypted backups?  Yes, but if you can't recover the data from a backup, that cost can be extremely high as opposed to the possibility of somebody stealing a backup.
0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

 
Travis MartinezSmoke JumperCommented:
I've found Microsoft's bitlocker recovery tool; however, I've not found anyone successful at being able to recover from it.

I also found:  https://www.m3datarecovery.com/bitlocker-drive-data-recovery/

Whether or not it will work I've no information.  I'm in the process of trying to recreate the issue and if I can will try both tools and let you know.
0
 
Travis MartinezSmoke JumperCommented:
Every time I tried to replicate the issue Windows 10 picked up right where it left off.  Three different systems, power pulled, virtual device on Oracle box, and two physical systems but they always picked right back up.

I was only able to replicate the issue by yanking the drive and placing it on a Windows 7 system to which it would not let me access it.  However, when I put the drive back into a Windows 10 system, any Windows 10 system, it started decrypting again.

Was it a Windows 10 system that was decrypting the drive that the power was lost?
0
 
IP4IT StaffAuthor Commented:
Hi Travis/ Dr. Klahn,

Thank you for your suggestions.

Yes, a Windows 10 Pro PC was used to decrypt the drive, same one which encrypted this drive too.

Just the day before, files backed up fine to the external hard drive and on the same day, the password worked fine.

Before using the hard drive to back up the server, it was required to decrypt the external hard drive before use on the Windows 2003 server.

I plugged in the hard drive into Windows 10 PC and started decrypting it.

The next day i found the PC was off, which I found was an automatic update from Windows that turned off the PC.

I was able to unlock the drive fine with password and it continued decrypting.

The day after that, I found someone turned off the power switches on the wall which power the Windows 10 PC.

I turned on the switches and powered back on the Windows 10 PC.

When I went to enter the password, it came up as incorrect and the recovery key did not work either.

I tried other Windows 10 PCs too to try and unlock the drive but no luck.

Would this cause an issue?

Thanks,
Robbie.
0
 
Travis MartinezSmoke JumperCommented:
From the testing I did having differing W10 systems I didn't experience an issue.

I would say that the update may have been a contributor to the problem but after it was completed you were able to access the drive.

What I find interesting is the differing systems I yanked and removed the drive and/or powered off as well, the decrypt process started on its own without me having to input a password to continue it.  This was the case on three different W10 systems.

However, logically, if 10 took an update while it was decrypting but then the power was lost to the system the meta data on the disk may have gotten horked and the second system outage due to power failure may have placed the disk drive in a bad state being a release or update of bitlocker.  This is only a guess though.

I also understand why you would want to encrypt your backup data; however, it will not protect it from things such as ransomeware if the drive is unlocked.  The encryption would need to be done/accessed at a file level therefore I think the bitlocker design is flawed in the reasons for it being used for a backup target.

I'm trying the "M3 Bitlocker Recovery Trial" to see what information it provides but it has hours to go on a drive that only has about 40 GB written to it.

Did you try Microsoft's recovery tool?  Now that I look at it closer it says it applies to Windows 7 only.  You can try the M3 trial and see if it has any benefit.  It just may take a long time to run.  Of course the data on the drive not being accessible now it wouldn't be a bad idea to try and see what it returns.
0
 
McKnifeCommented:
There is a command line tool in windows: repair-bde.exe, see if it can help you: https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/repair-bde
0
 
Travis MartinezSmoke JumperCommented:
As an update I was able to get the disk in a condition that it decrypted but the files aren't seen as accessible.  The space is taken on the hard drive but what shows is only the free space as though there was something still on the disk, which it is, but unable to display.

I ran the M3 BitLocker Recovery Trial and after 2 days it finally returned with an error that my recovery key was incorrect.

Doesn't look like that's a viable option either.
0
 
IP4IT StaffAuthor Commented:
It seems that the password and recovery key are correct but the drive just does not accept these so appears as being incorrect so this effects solutions such as repairing the drive or recovering data.

Preferably we would like to leave the recovery step for copying files to a new external hard drive as the last resort as we have over 2TB of stored files on the external hard drive which has been locked with BitLocker.

To copy these files over from this external hard drive to another drive will require a lot of time as well as a new external hard drive to store the data on although I understand that it may be our only choice if the drive does not unlock.

After this data has been copied over or external hard drive has been unlocked, the question arises of do we encrypt the hard drive again with BitLocker as it does not seem to be 100% reliable.

We do wish to password protect our external hard drives as we wish to protect the data on the hard drives in case of being stolen.

Have you any recommendations as to how we should proceed with:

1. Data on drive which does not seem to be accessible even with password/ recovery key?
2. Situation after data from external hard drive recovered, we would prefer to password protect drive but should we proceed again with BitLocker or some other solution?

Thanks,
Robbie
0
 
McKnifeCommented:
Robbie, did you try repair-bde.exe as recommend, or not?
BL is very reliable, still, one has to backup one's data.
0
 
IP4IT StaffAuthor Commented:
Hi McKnife,

I have read online that your recommendation; repair-bde.exe, would be the last thing to be applied, if you can’t unlock the encrypted disk with a password or a Bitlocker recovery key so will test this now that I can't seem to unlock the drive using password or recovery key.

It may not be until Monday when I have access to the locked external hard drive again but will update you after I have tried your recommendation.

Thanks,
Robbie
0
 
McKnifeCommented:
Why didn't you try repair-bde?
Anyway, please close the question now by selecting your comment as answer.
0
 
IP4IT StaffAuthor Commented:
Hi McKnife,

Although repair-bde did sounded like a good solution, it would have taken as long to copy over the files to another hard drive  as it would just to start another clean backup.

One other concern was that I had tried unlocking the external hard drive through CMD with administrative rights using recovery key and it did not work.

It seemed repair-bde required the recovery key so there was a small chance it would not work.

Thanks,
Robbie
0
 
IP4IT StaffAuthor Commented:
As there was not too much data to be lost on external hard drive locked by BitLocker, I found that formatting the drive and restarting with clean backup would be the faster option.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.