How to Bypass BitLocker Recovery Key with or Without Microsoft Account
Hello everyone!
In this topic, I will show you how to bypass the BitLocker recovery screen that asks you to enter the recovery key for this drive.
BitLocker recovery is a Microsoft security technique that protects the data on your disk against unauthorized access, whether from online attacks or from offline access by foreign individuals. So, once BitLocker or the Trusted Platform Module (TPM) detects any suspected access, the disk gets locked and the computer boots into the BitLocker Recovery blue screen.
I will show you how to recover your BitLocker recovery key using different methods, but before starting, you have to know why the computer is asking for a BitLocker recovery key, as this will help you to unlock BitLocker without a password or recovery key.
- Why does my computer ask for BitLocker recovery key?
- How To Get BitLocker Recovery Key From CMD?
- How To Get BitLocker Recovery Key with Key ID From Your Microsoft Account?
- How To Get BitLocker Recovery Key Without Microsoft Account?
- Can You Unlock BitLocker Without Recovery Key?
- How to Disable BitLocker Recovery Screen Boot Loop:
- How to bypass BitLocker Recovery Screen if the Recovery password is unavailable?
- VIDEO:
Why does my computer ask for BitLocker recovery key?
Many things can trigger the BitLocker recovery screen, but the most important are: changing the boot order in BIOS settings, disabling or clearing the TPM, online attacks that attempt to access your local data, multiple wrong login attempts, removing or completely discharging a smart battery on a laptop, and upgrading BIOS or UEFI firmware.
- This is the list of the most common causes of the BitLocker Recovery screen:
- When an online attack is detected, the computer will immediately reboot and enter into BitLocker recovery bluescreen mode.
- Changing the boot order of devices in BIOS firmware settings can cause BitLocker recovery on devices with TPM version 1.2, but not on devices with TPM 2.0.
- Entering wrong login credentials many times, especially if booting to BitLocker Recovery mode in such a case has not been turned off.
- Pressing the F8 or F10 key during the boot process.
- Adding or removing some internal or external hardware.
- Modifying the Platform Configuration Registers (PCRs) that are used by the TPM.
- Upgrading BIOS firmware in a way that leads to new changes in boot settings.
- Removing or completely discharging the laptop’s battery.
- Moving the BitLocker-protected drive into another computer.
- Trying to boot from Windows installation Media (WIM) like DVD or USB flash drive.
- Changing the NTFS partition table, such as resizing or deleting the primary partition.
- Upgrading or hiding TPM firmware, or removing TPM data.
- Losing the USB pen drive containing the startup key in computers with enabled startup key authentication.
- Pressing the F8, F10, ESC or another Boot or BIOS hot key during the boot process.
- Failure of TPM self-test.
- Upgrading the motherboard to a new one with a new TPM module.
- Changing disk scheme to the master boot record (MBR).
So, if you can remember what you changed in your computer before the BitLocker recovery screen appeared, you can revert that change to bypass this blue screen.
How To Get BitLocker Recovery Key From CMD?
- To show the BitLocker recovery key from CMD, do the following:
- Search for CMD and open Command Prompt as Administrator
- Type this command and press Enter
- MANAGE-BDE -PROTECTORS -GET C:
- This is the BitLocker recovery key
Note: If you execute this command from the Advanced Recovery Environment or on a locked drive, you will get only the Numerical Password ID, not the password itself. The Numerical Password ID can be used to tell the password of a specific drive apart from those of other drives or partitions if you have more than one encrypted drive.
How To Get BitLocker Recovery Key with Key ID From Your Microsoft Account?
- Open this link on another computer or on your mobile phone using Google Chrome or another browser.
- Log in to Microsoft using the same account that you have logged in with on your computer.
- If you have not signed in with a Microsoft account on the computer, check with any person who shares the computer with you, or with the person who installed Windows when you purchased the computer or who reinstalled it, as they may have signed in with their own Microsoft account. For your information, Windows 11 requires registration with a Microsoft account when installing the system as a mandatory step, as the system makes a backup copy of the BitLocker key automatically.
- If you have more than one encrypted drive, you have to select the required BitLocker recovery key from your Microsoft account according to the drive ID shown on the BitLocker recovery blue screen.
- Once you get the key, type it in the text box of the BitLocker recovery screen to unlock your computer and decrypt the disk drive.
- After typing the password, press Enter on the keyboard to close the BitLocker recovery screen and boot Windows normally.
How To Get BitLocker Recovery Key Without Microsoft Account?
There are three different methods to store and restore BitLocker recovery key, which are:
- Save to your Microsoft account
- Print the recovery key to paper if you have a printer
- Save the recovery key as a file on an external disk like a USB drive or hard disk
Note: You can’t save it on the same encrypted disk.
So, if you have that external USB drive or the printed paper, you can recover your BitLocker recovery key without a Microsoft account. Otherwise, you have to log in to the associated Microsoft account to get your key.
Can You Unlock BitLocker Without Recovery Key?
There is no published way to unlock BitLocker without the recovery key after the disk gets locked, and there is no real BitLocker generator app or tool. However, if BitLocker was triggered by firmware or hardware changes, or if your computer belongs to an organization that has a Data Recovery Agent (DRA) certificate installed on your computer, then you can unlock the BitLocker-encrypted drive without a password or recovery key by reverting those changes or by using that DRA certificate as instructed in this topic.
- You can disable BitLocker without the recovery key in running Windows as follows:
- Type BitLocker into the search box and then open the Manage BitLocker tool
- Click on the Turn Off BitLocker option
- If you have the Home Edition of Windows, Device Encryption Settings will appear instead of Manage BitLocker in the search results. So open it and then change the Device Encryption toggle from On to Off.
- After that, click on the Turn Off option to disable BitLocker
You can also disable BitLocker using CMD as follows:
- Type CMD into the search box and then run Command Prompt as administrator
- Type this command and press Enter:
MANAGE-BDE -OFF C:
- To suspend BitLocker protection, execute this command:
MANAGE-BDE -PROTECTORS -DISABLE C:
How to Disable BitLocker Recovery Screen Boot Loop:
To disable the BitLocker boot loop, do the following:
- Press the ESC key on the keyboard for more recovery options
- Click Skip this drive and then select the Troubleshoot option
- Select Advanced options and then open Command Prompt
- Type NOTEPAD and press Enter
- From the File tab, select the Open option
- Click on the This Computer icon and then open the USB drive.
- Open your recovery key file
- Go back to the Command Prompt window
- Show BitLocker recovery status using this command:
MANAGE-BDE -STATUS
- Show the BitLocker Recovery ID of the Windows partition using this command:
- MANAGE-BDE -PROTECTORS -GET F:
- If the Windows partition has no assigned letter, use the GUID identifier instead.
- Compare the identifier numbers to confirm that the recovery password in the opened file is for the Windows partition.
- Type this command without hitting Enter:
MANAGE-BDE -UNLOCK F: -RP
- Copy the drive password and paste it after the previous command, then press Enter to unlock the drive.
- Execute the following command to suspend the drive protection:
MANAGE-BDE -PROTECTORS -DISABLE F:
- Now, your computer can restart normally without BitLocker Recovery blue screen.
- But if you want to turn drive encryption off, execute this command:
MANAGE-BDE -OFF F:
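The identifier comparison in the steps above, plus a sanity check of the 48-digit recovery password before it is typed, as an added Python example (not part of the original article) that can be run on a second computer. The sample key file and the locked-drive output are constructed, their layout is an assumption based on typical files, and all function names are hypothetical. The check relies on the rule that each 6-digit group of a recovery password is a multiple of 11 whose quotient is below 65536.

```python
import re

GUID = r"[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}"
PASSWORD = r"\b\d{6}(?:-\d{6}){7}\b"  # 48 digits in eight groups of six

# Constructed samples; the layout is assumed from typical files and output.
KEY_FILE = """BitLocker Drive Encryption recovery key
Identifier:
    1A2B3C4D-0000-1111-2222-333344445555
Recovery Key:
    135795-597531-011000-720885-000022-345565-299002-045056
"""
LOCKED_DRIVE_OUTPUT = """Volume F: [Label Unknown]
All Key Protectors
    Numerical Password:
      ID: {1A2B3C4D-0000-1111-2222-333344445555}
"""

def bad_groups(password):
    """1-based positions of groups that fail the per-group rule:
    a multiple of 11 whose quotient fits in 16 bits."""
    return [pos for pos, group in enumerate(password.split("-"), 1)
            if int(group) % 11 or int(group) // 11 >= 2 ** 16]

def parse_key_file(text):
    """Return (identifier, recovery password) from a saved key file."""
    ident, password = re.search(GUID, text), re.search(PASSWORD, text)
    if not ident or not password:
        raise ValueError("identifier or 48-digit recovery password not found")
    return ident.group(0).upper(), password.group(0)

def numerical_password_ids(output):
    """IDs listed under 'Numerical Password:' by MANAGE-BDE -PROTECTORS -GET."""
    pattern = r"Numerical Password:\s*ID:\s*\{(" + GUID + r")\}"
    return [found.upper() for found in re.findall(pattern, output)]

def check(key_file_text, manage_bde_output):
    """Compare IDs and validate the key; the key itself is never returned."""
    ident, password = parse_key_file(key_file_text)
    return {"id_matches": ident in numerical_password_ids(manage_bde_output),
            "bad_groups": bad_groups(password)}

if __name__ == "__main__":
    print(check(KEY_FILE, LOCKED_DRIVE_OUTPUT))
```

A non-empty `bad_groups` list points at the group that was mistyped or misread, and `id_matches` being false means the file belongs to a different drive.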
How to bypass BitLocker Recovery Screen if the Recovery password is unavailable?
If your computer gets stuck at BitLocker Recovery with a zero % chance of getting the recovery password, the chance of unlocking it yourself is zero % too. In this case, you have to format the encrypted disk and then install a fresh copy of Windows. To do so, you will need to create a bootable Windows USB on another computer, or on your Android mobile if it supports USB On-The-Go. After that, boot your computer from the bootable USB as follows:
- Connect the bootable USB to your computer and turn the computer on
- Press the F12 key immediately and repeatedly to open the Boot menu.
- List of hot keys to enter the Boot Menu on different laptop and desktop brands:
  - Acer:
    - Notebook (AspireOne, Aspire Timeline): F12, F9, Esc
  - Asus:
    - Desktop: F8
    - Laptop: Esc
    - Notebook: Esc, F8
  - COMPAQ Presario: F9, Esc
  - Dell: F12
    - Laptop and desktop (Precision, Precision Inspiron One 2020, 2305, 2320, 2330 All-In-One, Dimension, Inspiron, Latitude, workstation, … etc.): F12
  - HP:
    - Desktop & generic: Esc, F9
    - Laptop: Esc
    - Notebook: Esc
    - Tower: Esc
  - Lenovo:
    - Desktop: F12, F8, F10
    - Laptop: F12, Nano Button, Fn + F11
    - Notebook: F12
  - Sony:
    - VAIO, PCG, VGN: Assist Button, Esc, F11
    - VGN: Esc
  - Toshiba: F12
    - Desktops & Laptops (Portege, Satellite, Tecra, Equium, … etc.): F12
  - Samsung: F12, F2
    - Notebook & Ultrabook laptops: Esc
    - Ultrabook ATIV Book: F2
  - Fujitsu: F12
- After opening the Boot Menu, select the USB pen drive from the list and hit Enter to boot from the USB.
- You can also boot from the USB while on the BitLocker recovery screen as follows:
- Press ESC on the keyboard to open the recovery options
- Click on the Skip this drive option and then select the Use a Device option
- Select the USB drive from the list of available drives to boot from it.
- Click on the Install button and follow the on-screen instructions
As you can see in the video, the Setup Wizard states that Windows cannot be installed to this hard disk space because BitLocker Device Encryption is enabled on the selected partition.
- To bypass this error and install Windows on the selected disk, you have to format that partition as follows:
- Click on Delete option
- Notice that after deleting the selected partition, all data inside it will be lost permanently, but data and files on other partitions or volumes will not be affected.
- Click OK to confirm deletion choice
- Select the Unallocated Space and click on New option
- Click on Apply to create a new partition with all unallocated disk space.
- Select the new partition if it is not already selected and then click Next to start the Windows installation process.
- Follow the on-screen instructions to customize the fresh installation of Windows on your computer.
- Read this topic for more details about customizing a Windows 11 installation from USB.
VIDEO:
For illustrated details on how to bypass the BitLocker Recovery blue screen, watch this video to see all suggested actions step by step: