Storing the BitLocker key safe is important. Here're the steps to backup BitLocker recovery key from Control panel and PowerShell command.
BitLocker is the built-in Windows encryption system. It allows you to encrypt any internal or external drive so that only authorized persons can access the data in the encrypted drive. In fact, you can even encrypt the entire operating system with BitLocker. One of the best things about BitLocker is how secure and easy it is to use. Add to that, since BitLocker is baked right into Windows, you don't have to install any other software.
While encrypting a drive with BitLocker, it gives you a few options to back up the recovery key. The recovery key is useful to decrypt and recover data if you forgot or lost the BitLocker password. Even after you encrypt drives with BitLocker, you can still create additional recovery key backups as long as you have the BitLocker password.
So, in this quick post let me show how you can backup BitLocker recovery key in Windows.
Note: Before proceeding, unlock the BitLocker drive. You can lock the drive after backing up the recovery key(s). In case you are wondering, BitLocker doesn't allow backing up keys while the drive is locked/encrypted for obvious reasons.
1] From Control Panel
To back up the recovery keys, the Control Panel provides an easy way.
1. First, open the Control Panel by searching for it in the start menu. Once the Control Panel has been opened, set the "View by" on the top right corner to "Small icons" or "Large icons". Now, find and click on the "BitLocker Drive Encryption" option.
2. In the BitLocker window, you will see all the drives. Find the BitLocker drive for which you want to back up the recovery key and expand it by clicking on the little arrow icon. Now, click on the "Back up your recovery key" link.
3. The above action will open the recovery wizard. Select the method you want to use for the recovery. In my case, I'm choosing the "Save to a file" option. Depending on which option you choose, the next step(s) will be different.
4. Here, go to where you want to save the recovery key, name the file, and hit the "Save" button.
5. In the BitLocker wizard, click "Finish" to close it.
That is it. You've successfully backed up the BitLocker recovery key. Open the saved file and you will see the key under the Recovery Key heading. I've highlighted that part in the image below. This is the key you should enter when you forgot or lost the BitLocker password.
2] Backup BitLocker Recovery Key PowerShell Command
If you want to, you can also use a single line PowerShell command to quickly backup the recovery key.
1. First, open the Start Menu, search for "PowerShell", right-click on the result and select "Run as Administrator" option. This will open an elevated PowerShell window.
2. In the PowerShell window and execute below command after replacing the "<DriveLetter>" with the drive letter of the BitLocker encrypted drive.
(Get-BitLockerVolume -MountPoint <DriveLetter>).KeyProtector > $env:UserProfile\Desktop\BitLocker_Recovery_Key.txt
3. As soon as you execute the file, the BitLocker recovery key will be saved as a text file to your desktop. You will not see any response in the PowerShell window. You can close it.
Open the text file and you will see the recovery key right next to "Recovery Password". I've highlighted that part in the image below.
I hope that helps. If you are stuck or need some help, comment below and I will try to help as much as possible.
If you like this article, do check out how to lock folder in Windows without using BitLocker.