BitLocker - Lost Recovery key, but PIN available

  • Question

  • Hi,

    When I boot up Windows, it shows "Starting Windows" and it throws an error:

    UNMOUNTABLE_BOOT_VOLUME 0x000000ED

    I'm trying to run CHKDSK on the volume through Windows Recovery Environment, but I have lost the recovery key.

    Any idea what else I can do?


    Jabez Gan [MVP] - http://www.msblog.org Contributing Author for: (Sybex) MCTS: Windows Server 2008 Applications Infrastructure Configuration Study Guide: Exam 70-643

    Monday, January 29, 2018 1:15 PM
    Answerer


All replies

  • To help you understand your situation, let's be clear on what a BitLocker PIN is: it is a key to another key. It entitles you to make the TPM chip release the real key that is used to unlock your hard drive UNDER ONE CONDITION: the hard drive itself is being booted and not some rescue OS.

    So in your situation, unfortunately, you need the recovery key, the PIN is not worth anything.

    --

    When setting up BitLocker, you were forced to save it to a file or print it - please try to remember what you did.

    Monday, January 29, 2018 1:28 PM
  • When setting up BitLocker, you were forced to save it to a file or print it - please try to remember what you did.

    -> This is where MBAM fucked it up. All clients have the key saved in MBAM - for whatever reason, except this particular machine does not have the key stored in MBAM. Can't even find the hostname/SAM account name/8-digit recovery ID that corresponds to the drive in the MBAM server. :S

    Hence trying my luck to see if there is any alternative out there.


    Jabez Gan [MVP] - http://www.msblog.org Contributing Author for: (Sybex) MCTS: Windows Server 2008 Applications Infrastructure Configuration Study Guide: Exam 70-643


    Monday, January 29, 2018 1:47 PM
    Answerer
  • Definitely no alternative.

    "Cracking" tools would try the following: see if you have a backup which might hold a full system memory dump file (as a result of an eventual bluescreen). That dump file could be analysed by a "cracking" tool and it could read out the encryption key.

    Monday, January 29, 2018 1:50 PM
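
The thread turns on a machine whose recovery key never reached the escrow server. As an added example (not part of the thread), this PowerShell audit can be run on machines that still boot to confirm each BitLocker volume has a recovery password protector and to list its ID for comparison against the escrow records; `$EscrowToAD` is a variable introduced for this example, and the AD DS backup step assumes a domain-joined machine with policy that permits it.

```powershell
# Added example: audit BitLocker recovery-password protectors on this machine.
# Run in an elevated PowerShell session (BitLocker module required).
# $EscrowToAD is a hypothetical toggle for this script, not a BitLocker setting.
$EscrowToAD = $false

$report = foreach ($vol in Get-BitLockerVolume) {
    # All protector types on the volume, e.g. Tpm, TpmPin, RecoveryPassword
    $types = ($vol.KeyProtector.KeyProtectorType | Sort-Object -Unique) -join ','
    $recovery = @($vol.KeyProtector |
        Where-Object KeyProtectorType -eq 'RecoveryPassword')

    if ($recovery.Count -eq 0) {
        # A TPM or TPM+PIN protector alone cannot unlock the disk from WinRE.
        [pscustomobject]@{
            MountPoint = $vol.MountPoint
            Protection = $vol.ProtectionStatus
            Protectors = $types
            RecoveryId = 'NONE'
            Escrow     = 'n/a'
        }
        continue
    }

    foreach ($kp in $recovery) {
        $escrow = 'not attempted'
        if ($EscrowToAD) {
            try {
                # Writes the recovery password to the computer object in AD DS.
                Backup-BitLockerKeyProtector -MountPoint $vol.MountPoint `
                    -KeyProtectorId $kp.KeyProtectorId -ErrorAction Stop | Out-Null
                $escrow = 'backed up to AD DS'
            } catch {
                $escrow = "FAILED: $($_.Exception.Message)"
            }
        }
        [pscustomobject]@{
            MountPoint = $vol.MountPoint
            Protection = $vol.ProtectionStatus
            Protectors = $types
            # Full protector ID; help desks usually look up its first 8 characters.
            RecoveryId = $kp.KeyProtectorId.Trim('{}')
            Escrow     = $escrow
        }
    }
}

# The recovery password itself is deliberately never printed or logged.
$report | Format-Table -AutoSize
```

A volume reported with `RecoveryId` of `NONE`, or an ID that cannot be found on the escrow server, is the condition to fix while the machine still boots normally.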