Solved Bitlocker recovery key

noob

New Member
Messages
6
Hi,

I have a new Windows 8.1 machine and I wish to encrypt the drive using Bitlocker. It gives me 4 options to save a recovery key
1. Save to your Microsoft account
2. Save to a USB flash drive
3. Save to a file
4. Print the recovery key

Option 1 isn't available as I'm logged on using a local account.
i. What is the difference between options 2 & 3? i.e. I could save to a file on a USB drive
ii. Does option 2 mean the USB flash drive cannot then be used for other purposes?
iii. Does option 2 also mean I could use a USB external hard drive, or does it have to be a flash drive?
iv. Once the recovery key has been created, can the key then be copied to other locations or is it only going to work where Bitlocker puts the key?
v. Just thinking about printing the recovery key - can this be used without a password to access the drive, how sensitive/important is the printed key?

N00b questions, I'd very much appreciate your answers.

Thanks :)
 

My Computer

System One

  • OS
    Windows 8.1 Pro 64 bit
hello and welcome to eight forms , my opinion , difference between 2 and 3 ,2 will create a file and put it on the flash drive for yah,3 you will have to move the file it creates to a flash drive of external drive manually 'I would think you could take the file it create and put it where ever you want , I don't use bitlocker ,if I did I would print it and put away for safe keeping ,like I try to do will all passwords .and if the drive is pass worded that you store the file on ,then yes someone would need the drive password to access the files on that drive, is not that what passwords are for ,I would assume that there are people who could hack your passwords like they do others ,good luck
 

My Computer

System One

  • OS
    win8.1.1 enterprise
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Hinze57
    CPU
    AMD FX 6100 6core 3.30gHz
    Motherboard
    gigibyte ga-78lmy-s2p
    Memory
    4gig ddr3
    Graphics Card(s)
    Radon hd5000 Series
    Sound Card
    onboard realtek hd
    Monitor(s) Displays
    19" viewsonic/ 22"Samsung
    Screen Resolution
    1680x1050
    Hard Drives
    128gig ssd Kingston
    80gig WD 10000 rpm spinner
    Case
    micro
    Keyboard
    microsoft curve 200
    Mouse
    Logitech wireless M215
    Internet Speed
    high speed 20
    Browser
    ie 11
    Antivirus
    windows defender
    Other Info
    updated enterprise apr 2/14
Hello noob, and welcome to Eight Forums. :)

i. What is the difference between options 2 & 3? i.e. I could save to a file on a USB drive

What Jack posted above. You can save the same recovery key to a USB flash drive, or a location you want as a file.​

ii. Does option 2 mean the USB flash drive cannot then be used for other purposes?

Yes, you can still use the flash drive as usual. Just don't delete the recovery key .txt file, or move it from the root directory on the USB flash drive.​

iii. Does option 2 also mean I could use a USB external hard drive, or does it have to be a flash drive?

It does need to be a USB flash drive to be detected by BitLocker.​

iv. Once the recovery key has been created, can the key then be copied to other locations or is it only going to work where Bitlocker puts the key?

Yes, you can copy the recovery key .txt file to where you like. The recovery key .txt file saved to a USB flash drive is the same one as if you saved to a file.​

v. Just thinking about printing the recovery key - can this be used without a password to access the drive, how sensitive/important is the printed key?

Printing the recovery key is just having the recovery key .txt file printed out as a hard copy on a sheet of paper to keep somewhere safe in case you lose the USB or file.​


For more information, see also:

http://www.eightforums.com/tutorials/21818-bitlocker-recovery-key-back-up-windows-8-a.html
 
Last edited:

My Computer

System One

  • OS
    64-bit Windows 10
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Custom self built
    CPU
    Intel i7-8700K OC'd to 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G7 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO PRO M.2,
    8TB WD MyCloudEX2Ultra NAS
    PSU
    OCZ Series Gold OCZZ1000M 1000W
    Case
    Thermaltake Core P3
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gb/s Download and 35 Mb/s Upload
    Browser
    Internet Explorer 11
    Antivirus
    Malwarebyte Anti-Malware Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    APC SMART-UPS RT 1000 XL - SURT1000XLI,
    Galaxy S23 Plus phone
Saving to USB will also save a super-hidden .bek file in addition to the .txt file, and I believe it's the .bek file that is used during booting when the flash drive is serving as the key. That said, I'm not sure why they're saved for my fixed data drives, which are not bootable. I know from "manage-bde -protectors -get" that fixed drives each have an extra External Key that removable drives don't get, and the .bek files are for these keys, but I don't yet know their purpose. Can anyone elaborate on this?
 

My Computer

System One

  • OS
    Windows 8.1 Pro with Media Center
Thanks for all the replies, especially Brink for answering all my questions (and the link).

Much appreciated.

:)
 

My Computer

System One

  • OS
    Windows 8.1 Pro 64 bit
Glad we could help. :)
 

My Computer

System One

  • OS
    64-bit Windows 10
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Custom self built
    CPU
    Intel i7-8700K OC'd to 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G7 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO PRO M.2,
    8TB WD MyCloudEX2Ultra NAS
    PSU
    OCZ Series Gold OCZZ1000M 1000W
    Case
    Thermaltake Core P3
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gb/s Download and 35 Mb/s Upload
    Browser
    Internet Explorer 11
    Antivirus
    Malwarebyte Anti-Malware Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    APC SMART-UPS RT 1000 XL - SURT1000XLI,
    Galaxy S23 Plus phone
Back
Top