Applies to: Configuration Manager (current branch)
You can get BitLocker recovery keys for a tenant-attached device from the Microsoft Intune admin center. For example, a help desk technician who doesn't have access to Configuration Manager could use the web-based admin center to help an end user get a recovery key for their device.
In the admin center, select Devices and then All Devices.
Select a device that's synced from Configuration Manager via tenant attach.
Select Recovery keys in the device menu. You'll see the list of encrypted drives on the device.
To display a recovery key for a drive, select Show recovery key. This action reveals the recovery key, which causes the device to rotate its recovery key. Select Yes to continue and view the key.
A pane to the right displays the device information, including the BitLocker recovery key. Select the copy icon to copy the key to the clipboard. This action makes it easier to share with a user.
Windows will require a BitLocker recovery key when it detects a possible unauthorized attempt to access the data. This extra step is a security precaution intended to keep your data safe and secure.
If you are unable to locate a required BitLocker recovery key and are unable to revert a configuration change that might have caused it to be required, you must reset your device using one of the Windows 10 recovery options. Resetting your device removes all your files.
Use BitLocker Repair Tool: The BitLocker Repair Tool is a built-in feature in Windows that can help repair encrypted drives without the recovery key. Users can access the tool through the BitLocker Drive Encryption Control Panel and follow the instructions to repair the drive's encryption metadata.
Whenever you connect a drive to your PC and it is detected in the boot list, BitLocker will ask for the recovery key. If you're not connecting any devices and it keeps asking for the recovery key, it is because the boot support for Preboot for TBT and USB-C/TBT is turned on by default.
Type and search [Manage BitLocker] in the Windows search bar①, then click [Open]②. Click [Turn off BitLocker]③ on the drive that you want to decrypt. If the drive is under locked status, you need to click [Unlock drive] and type the password to turn off BitLocker.
On the initial BitLocker recovery screen, don't enter the recovery key instead, press Esc for more recovery options and select Skip this drive at the right bottom of the corner.
Select Troubleshoot > Advanced options > Command Prompt in order.
BLR Tools - Offers Industry standards Data… In this situation, if your encrypted drive doesn't accept the old login or recovery key, then download BitLocker unlock tool to decrypt your drive BitLocker encryption. And the professionals always suggest that try BLR BitLocker recovery tool to unlock your drive.
If you get a message saying You are locked out. Enter the recovery key to get going again, you will need to use another device with internet to continue. Select your name, then select profile to show a list of your linked devices. Select Get BitLocker keys and you will see two key codes.
To unlock their drives, users must open “This PC” (or “My Computer”, depending on the version of Windows), right-click on the encrypted drive icons with the locked yellow padlock icon, click "Unlock Drive" and provide the Password.
When a machine is encrypted it stores the state of the BIOS/UEFI settings. Any changes to this state can cause the BitLocker recovery mode to kick in. This could be something as simple as choosing a different boot device at startup if not configured correctly based on the network requirements of your organization.
Whenever you connect a drive to your PC and it is detected in the boot list, BitLocker will ask for the recovery key. If you're not connecting any devices and it keeps asking for the recovery key, it is because the boot support for Preboot for TBT and USB-C/TBT is turned on by default.
Hobby: Web surfing, Rafting, Dowsing, Stand-up comedy, Ghost hunting, Swimming, Amateur radio
Introduction: My name is Virgilio Hermann JD, I am a fine, gifted, beautiful, encouraging, kind, talented, zealous person who loves writing and wants to share my knowledge and understanding with you.
We notice you're using an ad blocker
Without advertising income, we can't keep making this site awesome for you.