none
Bitlocker encrypted external drive without user authorization. RRS feed

  • Question

  • I primarily use a 2TB external hdd on my dell xps laptop.

    The laptop is on a Windows 10 home edition OS, with bitlocker turned on by default (possibly by the local distributor of the laptop) on the C drive. I have left it on and made no changes to it.

    When i plug in the external hdd into the laptop, it works fine, with no indication that it is encrypted or locked. The bitlocker settings page on the laptop does not show that the drive is encrypted and i can just plug-and-play the hdd with no problems.

    But on my desktop PC (or any other PC other than the dell laptop), the same external hdd shows that it is encrypted by bitlocker and requires a 48-digit recovery key, which i do not have. I have checked on my microsoft account where the recovery key for the laptop is saved, but only the recovery key (with the key ID) for the C drive of the laptop is found, not the external drive.

    As i understand, bitlocker-to-go - which encrypts external removable drives - is a feature only available on windows 10 pro. My desktop PC, which i use occasionally with the hdd, is windows 10 pro. But my laptop is windows 10 home and would not have that feature available to it.

    Is it possible that since the laptop C drive is bitlocker encrypted, it somehow extended its encryption to the removable external drive? Because the external drive works perfectly when connected to the laptop, with no indication that it is bitlocker locked. But if thats the case, why does the laptop 48 digit recovery key didnt work on the external drive? Would it help for me to turn off bitlocker on the laptop and let it decrypt the C drive? But if i do this, do i leave the external drive connected while it is decrypting the C drive?

    Sunday, April 9, 2017 3:00 PM

Answers

  • Hi.

    Plug it into your laptop where it will unlock automatically. Then, open an elevated command prompt (=right click cmd.exe and select "run as administrator") and launch

    manage-bde -protectors -get x:

    (substitute x: for the drive letter of your external drive).

    You will see the recovery key there and you can use it to mount it on other machines and afterwards, you can configure autounlock on other machines, too, in bitlocker options.

    • Marked as answer by A.Jun Monday, April 10, 2017 4:54 PM
    Monday, April 10, 2017 8:55 AM

All replies

  • Hi.

    Plug it into your laptop where it will unlock automatically. Then, open an elevated command prompt (=right click cmd.exe and select "run as administrator") and launch

    manage-bde -protectors -get x:

    (substitute x: for the drive letter of your external drive).

    You will see the recovery key there and you can use it to mount it on other machines and afterwards, you can configure autounlock on other machines, too, in bitlocker options.

    • Marked as answer by A.Jun Monday, April 10, 2017 4:54 PM
    Monday, April 10, 2017 8:55 AM
  • Tonnes of hours scouring the internet and about an hour chatting with microsoft online support (only to get a repeated reply of 'the only' solution of formatting the harddrive), and finally i see a solution on the internet. This saved me money from having to buy another 2tb drive to backup the contents. Thank you Mr Ronald Schilf. My sincerest gratitude to you.
    Monday, April 10, 2017 5:00 PM
  • Glad to hear that. You are welcome.
    Monday, April 10, 2017 5:06 PM