Enable BitLocker Recovery Password Viewer in Active Directory

The newest addition to the family of sophisticated data recovery technologies developed by DiskInternals allows recovering data from BitLocker-encrypted NTFS partitions created in Windows 7 and Vista. Essentially, BitLocker is just a name used by Microsoft to describe an algorithm employed in Windows Vista and Windows 7 to encrypt disk volumes sector by sector. BitLocker is not the same as setting security permissions on files and folders, and it is different from EFS (Encrypting File System), which is used for encrypting files and folders from the Security tab in Windows Explorer.
Unlike other access restriction and content-encryption methods employed in Microsoft’s latest operating systems, BitLocker deals with entire disk volumes. The algorithm of Microsoft BitLocker Recovery uses low-level, sector-by-sector encryption to protect the entire partition, disk, or disk volume. Two versions of BitLocker exist. The first version, BitLocker 1. This version of BitLocker has certain limitations on which volumes can be encrypted.
Windows 7 uses Recovery 2. The second version of BitLocker is much easier to use, lifting most limitations of the first edition. DiskInternals works around these limitations, making such access easily possible – providing that you know the original password or volume recovery key. It is for this purpose that BitLocker was created. It protects all computer data and prevents unauthorized access to it.
At the same time, if you cannot access your BitLocker-encrypted disk, you need to begin recovery right away. It is possible to get access to the disk with a BitLocker recovery password. But if you have forgotten or cannot find the password, this can be a problem, and restoring BitLocker is the only chance you have to get access to the disk.
This is a process that allows you to access an inaccessible drive that is protected with BitLocker. Recovery is important if unlocking the drive in the usual way does not work.
DiskInternals can recover files and folders from damaged volumes using BitLocker encryption. However, one important pre-requisite must be met. You have to supply the original encryption password or volume Recovery Key generated by BitLocker at the time the protected volume was created. DiskInternals does not, and will not break into protected volumes if the original password or volume recovery key is unknown.
This is as much of a policy issue as it is a technological limitation. BitLocker protection is strong enough to sustain many years of brute-force attacks.
The password part is simple: if access to your BitLocker volume was protected with a password, simply enter that password into DiskInternals EFS Recovery when prompted, and the recovery will go on seamlessly. BitLocker Recovery Keys are something else. These keys are returned by BitLocker at the time the encrypted volume is created and if hardware Trusted Platform Module keys, USB keys or combinations thereof are employed for transparent encryption.
You can save the key as a text file on the USB flash drive and use a different computer to read the text file. A proper BitLocker Recovery Key may look like this:. BEK file with a name that looks like this:. DiskInternals EFS Recovery is a professional software tool that can easily recover data from locked volumes using BitLocker encryption.
You just need to enter the key, and then it will automatically scan. After this, select the necessary files for recovery, which will then also happen automatically. A free trial version of the program is always available, as well as a free preview function before recovery.
Step 2. Run the application and scan the disk where the key is located. For EFS, you should choose the disk where Windows encrypted the data; for BitLocker, choose the disk with BitLocker. Then a new window will appear asking you to enter the key. If there is no such request, then the master key has not been restored.
Step 4. Select the recovery method: fast or full. Wait for the process to complete. The quick method searches existing and deleted files and takes several minutes. The full method also restores partition structures and searches for signatures. This method will take much longer, but it is preferable if you have a reformatted or damaged disk.
Step 5. If the decryption was successful, then you will be able to preview the files.
Step 6. Buy a license for this product and enter the license key in the appropriate window.
Let’s make a summary: to recover files and folders from the encrypted drive, launch EFS Recovery and enter your volume Recovery Key. If the key matches, the product will automatically scan the BitLocker volume to locate any recoverable files and folders, detecting and fixing file system errors if that option is selected.
Everything happens completely automatically; all you need to do is select which files to recover.
How You Can Recover a Forgotten BitLocker Password [Solved]
You can also search for a password by password identifier ID. The following procedures describe the most common tasks performed by using the BitLocker Recovery Password Viewer. In Active Directory Users and Computers , locate and then click the container in which the computer is located.
In the Properties dialog box, click the BitLocker Recovery tab to view the BitLocker recovery passwords that are associated with the computer. On the BitLocker Recovery tab of the Properties dialog box, right-click the BitLocker recovery password that you want to copy, and then click Copy Details.
In the Find BitLocker Recovery Password dialog box, type the first eight characters of the recovery password in the Password ID first 8 characters box, and then click Search. By completing the procedures in this scenario, you have viewed and copied the recovery passwords for a computer and used a password ID to locate a recovery password. You must be logged in as a domain user with a connection to the network.
The computer is not connected to the network, or the computer cannot communicate with the domain. You do not have permissions to perform this install. Enterprise administrative rights are required. You may receive this error message when you try to install the first instance of the BitLocker Recovery Password Viewer tool in a forest. Also, you must have Read and Write permissions to the parent containers of these objects in the Active Directory configuration database.
By default, members of the Enterprise Administrators group have Read and Write permissions to these objects. Error message 5. You may receive this error message when you try to perform a second or later installation of the BitLocker Recovery Password Viewer tool in a domain. Also, you must have at least Read permissions to the parent containers of these objects in the Active Directory configuration database.
Click Start , click Run , type appwiz. In the Add or Remove Programs dialog box, click to select the Show updates check box. If you receive a message that states that other programs may not run correctly if you remove this update, click Yes to confirm the removal of this update. Note The removal of the BitLocker Recovery Password Viewer tool does not prevent other programs from running correctly.
In Active Directory Users and Computers, locate and then click the container in which the computer is located. For example, click the Computers container. For more information about how to locate a computer account, visit the following Microsoft Web site:. In the ComputerName Properties dialog box, click the BitLocker Recovery tab to view the BitLocker recovery passwords that are associated with the particular computer. Follow the steps in the “To view the recovery passwords for a computer” section to view the BitLocker recovery passwords.
In the Find BitLocker Recovery Password dialog box, type the first eight characters of the recovery password in the Password ID first 8 characters box, and then click Search. A2: No. To view recovery passwords, you must be a domain administrator, or you must have been delegated permissions by a domain administrator.
If a user who does not have sufficient rights installs the BitLocker Recovery Password Viewer tool, that user cannot locate any recovery passwords for any computer. Also, if you use the BitLocker Recovery Password Viewer tool to search for recovery passwords among all the domains in a forest, results are returned only from the domains in which you have sufficient rights. Note The BitLocker Recovery Password Viewer tool cannot distinguish between a situation in which no recovery passwords exist for a particular computer and a situation in which you do not have sufficient rights to view the recovery password for a particular computer.
Q3: What if a stored recovery password does not appear on the “BitLocker Recovery” tab of a computer’s “ComputerName Properties” dialog box?
A3: Usually, the BitLocker recovery passwords for a particular computer appear on the BitLocker Recovery tab of the ComputerName Properties dialog box for that computer. However, if a computer is renamed, you may be unable to locate the correct computer.
This is because the drive label information still contains the original computer name. In this situation, you must use the password ID information to search for the recovery password.
Q4: Why are only the first eight characters of the password ID used to search for the location of a recovery password?
A4: This is a design decision that is intended to help simplify searching for recovery passwords without sacrificing the accuracy of the search operation.
Tests that randomly generated over one million password IDs typically yielded only duplicates for the first eight characters of the password ID. Therefore, even if you have one million recovery passwords in a search domain, it is unlikely that two recovery passwords will be returned by a single search operation.
Additionally, it is even more unlikely that more than two recovery passwords will be returned in the same search.
Note: We recommend that you examine the returned recovery password to make sure that it matches the whole password ID that you used to perform the search. This is to verify that you have obtained the unique recovery password.
Q5: How long does it take to search for a recovery password across all domains?
A5: Generally, it takes no more than several seconds to search for a password ID across all the domains of a forest. However, you may experience decreased performance if the following conditions are true:. A6: Use the following information to help troubleshoot issues that you experience when you use the BitLocker Recovery Password Viewer tool:. If you cannot locate a recovery password when you expect to locate one, verify that you have sufficient rights to view recovery passwords.
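The search-then-verify step that the note under A4 recommends, as an added PowerShell example (not from the original page and not the Password Viewer tool's own code): it looks up recovery objects by the first eight characters of a password ID and returns a password only when exactly one object carries the whole ID. It assumes the ActiveDirectory module and the `msFVE-RecoveryInformation` schema class; the function name is hypothetical.

```powershell
# Added example. Needs the ActiveDirectory module (RSAT) and read access to
# msFVE-RecoveryInformation objects. The function name is hypothetical.
Import-Module ActiveDirectory

function Find-BitLockerRecoveryByPasswordId {
    [CmdletBinding()]
    param(
        # Full password ID as displayed on the BitLocker recovery screen
        [Parameter(Mandatory)]
        [ValidatePattern('^\{?[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}?$')]
        [string]$PasswordId,

        # Optional domain controller to query
        [string]$Server
    )

    $id     = $PasswordId.Trim('{', '}').ToUpperInvariant()
    $prefix = $id.Substring(0, 8)

    # Recovery objects are children of the computer object; their name ends
    # with the password ID in braces, so search on the 8-character prefix.
    $query = @{
        LDAPFilter = '(&(objectClass=msFVE-RecoveryInformation)(name=*{' + $prefix + '*))'
        Properties = 'msFVE-RecoveryPassword'
    }
    if ($Server) { $query.Server = $Server }
    $hits = @(Get-ADObject @query)

    if ($hits.Count -eq 0) {
        # An empty result does not tell "nothing stored" apart from "no rights".
        Write-Warning "No object for prefix $prefix. Either none is stored or this account lacks the rights to read it."
        return
    }

    # Accept only objects whose name carries the whole password ID.
    $exact = @($hits | Where-Object { $_.Name -like "*{$id}" })
    if ($exact.Count -ne 1) {
        Write-Warning "$($hits.Count) prefix match(es), $($exact.Count) full-ID match(es); not returning a password."
        return
    }

    [pscustomobject]@{
        PasswordId       = $id
        # Parent DN is the current computer object, so a rename does not matter
        ComputerDN       = ($exact[0].DistinguishedName -split '(?<!\\),', 2)[1]
        RecoveryPassword = $exact[0].'msFVE-RecoveryPassword'
    }
}
```

Because the lookup keys on the password ID rather than the computer name, it also covers the renamed-computer case described under A3.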