Restore access to a drive encrypted with BitLocker

If a user has forgotten the password for accessing a hard drive encrypted by BitLocker, you need to start the recovery procedure (Request-Response).

If the computer's operating system has Federal Information Processing standard (FIPS) compatibility mode enabled, then in Windows 8 and older the recovery key file is saved to the removable drive before encryption. To restore access to the drive, insert the removable drive and follow the on-screen instructions.

Restoring access to a hard drive encrypted by BitLocker consists of the following steps:

  1. The user tells the administrator the recovery key ID (see the figure below).
  2. The administrator verifies the ID of the recovery key in the computer properties in Kaspersky Security Center. The ID that the user provided must match the ID that is displayed in the computer properties.
  3. If the recovery key IDs match, the administrator provides the user with the recovery key or sends a recovery key file.

    A recovery key file is used for computers running the following operating systems:

    • Windows 7
    • Windows 8
    • Windows Server 2008
    • Windows Server 2011
    • Windows Server 2012

    For all other operating systems, a recovery key is used.

  4. The user enters the recovery key and gains access to the hard drive.

    KES11_BilLocker_Recovery

    Restoring access to a hard drive encrypted by BitLocker

Restoring access to a system drive

To start the recovery procedure, the user needs to press the Esc key at the pre-boot authentication stage.

How to view the recovery key for a system drive encrypted by BitLocker in the Administration Console (MMC)

How to view the recovery key for a BitLocker-encrypted system drive in the Web Console

After the operating system is loaded, the user needs to change the password. To do so, the user needs to open the Control Panel of the operating system and go to the BitLocker settings. In the BitLocker settings, the user needs to clear the old password and set a new one. If the user has not changed the password, you can use the old recovery key the next time the operating system loads.

Restoring access to a non-system drive

To start the recovery procedure, the user needs to click the Forgot your password link in the window providing access to the drive. After gaining access to the encrypted drive, the user can enable automatic unlocking of the drive during Windows authentication in the BitLocker settings.

How to view the recovery key for a non-system drive encrypted by BitLocker in the Administration Console (MMC)

How to view the recovery key for a non-system drive encrypted by BitLocker in the Web Console

Page top