none
Bitlocker took over...

    Question

  • Got one of my drives locked by bitlocker (don't ask me how, I updated to win 10, got problems and reverted back to win 8.1, and then it was locked without me ever activating it). The only option I got in my bitlock manager is to unlock drive, but when clicking that link I get the message "There are no supported protectors on this drive. The drive can't be unlocked.", and I do not get any option to enter any sort of key or password. 

    Anyway, found a recovery key on onenote and tried to unlock from command prompt in admin mode with "manage-bde -unlock D: -RecoveryKey <myverylongkey>", and got the result "ERROR: An error occurred while attempting to read the key from disk.

    So I assume the key has to be on a file to be able to use the command prompt to unlock it. How do I get the onenote key to disk? Why did Bitlocker turn on on my computer? Why do I not get the option to enter recoverykey from the Bitlock manager? And will it work to unlock it if I get the key to a file?

    Friday, January 08, 2016 3:52 PM

Answers

  • Problem is something else: Windows 10 (v1511) has introduced a new encryption method: XTS-AES and made it the new default. You cannot read those drives on anything but windows 10 (v1511). So you'll need to start from a windows setup dvd (10 v1511) and decrypt it from there, using the command line

    manage-bde -off d:

    (supposing it's seen as d: by setup).

    before we can decrypt, we need to mount it first, using the recovery key:

    manage-bde -unlock d: -rp 875123-875123-875123-875123-875123-876112 ( 875123... stands for some recovery key)

    • Marked as answer by magjavel Wednesday, January 13, 2016 3:53 PM
    Monday, January 11, 2016 1:07 PM

All replies

  • Hi magjavel,

    Thank you for your question.

    When we use “manage-bde -unlock D: -RecoveryKey”, the value for recoverykey is the path to external key file instead of you key. We could refer to the following link:

    https://technet.microsoft.com/en-us/library/ff829854.aspx 

    So if your recovery key file is on C:\recovery.bek, we could run the following command:

    Manage-bde –unlock d: -Recoverykey “C:\recovery.bek”

    Best Regard,

    Jim Xu

    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Jim Xu
    TechNet Community Support

    Monday, January 11, 2016 6:35 AM
  • Thanks for the reply. But how do I do to get that key from onenote to a .bek file then so I actually can use it?

    Monday, January 11, 2016 7:05 AM
  • Problem is something else: Windows 10 (v1511) has introduced a new encryption method: XTS-AES and made it the new default. You cannot read those drives on anything but windows 10 (v1511). So you'll need to start from a windows setup dvd (10 v1511) and decrypt it from there, using the command line

    manage-bde -off d:

    (supposing it's seen as d: by setup).

    before we can decrypt, we need to mount it first, using the recovery key:

    manage-bde -unlock d: -rp 875123-875123-875123-875123-875123-876112 ( 875123... stands for some recovery key)

    • Marked as answer by magjavel Wednesday, January 13, 2016 3:53 PM
    Monday, January 11, 2016 1:07 PM
  • Thanks.

    Reinstalled windows 10 and then I could use the drive again, and disable bitlocker. Since my wifi refuses to work with windows 10 I had to revert again, but I at least got access to my drive this time.

    Wednesday, January 13, 2016 3:57 PM
  • Thanks It work after installing windows 10 ver 1511.
    Thursday, May 31, 2018 7:12 AM