When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Microsoft posts official BitLocker key recovery and back up guide for Windows 11/10 PCs

A Microsoft logo on a grey background with a padlock icon in a circle on the right

Back in May, a report suggested that Microsoft was looking to default-encrypt Windows 11 24H2 Home PCs. This could lead to potential performance loss, even on fast NVMe SSDs, though CPUs can be a different story with AMD touting a massive encryption performance boost (AES-XTS) with its newly released Ryzen 9000 series processors.

The problem with this situation is that users will need to have a BitLocker recovery key if this were to happen, and it is one of the benefits of having a Microsoft Account (MSA) over a local account.

Another scary situation arose recently where users found their PCs booted into a BitLocker recovery screen after last month's Patch Tuesday updates. At the time of writing the issue is still unresolved with Microsoft seemingly still investigating it.

Perhaps looking at the upcoming change in 24H2 as well as the boot bug, Microsoft has now added a bunch of new guides to its official website regarding BitLocker device encryption. In particular, two of them are certainly the most useful ones which walk users through finding their BitLocker recovery key and backing up the said key.

Microsoft has elaborated the steps necessary to retrieve the key:

Attached to your Microsoft account

If the BitLocker recovery key is backed up to your Microsoft account, follow these steps to retrieve it:

  1. From another device, open a web browser and go to https://aka.ms/myrecoverykey

  2. Sign in with your Microsoft account and locate the key ID:

    BitLocker Key recovery guide

  3. Use the related recovery key to unlock the drive

Notes:

  • If the device was set up, or if BitLocker was turned on, by somebody else, the recovery key might be stored in that person’s Microsoft account.

  • Starting in Windows 11, version 24H2, the BitLocker recovery screen shows a hint of the Microsoft account associated with the recovery key.

Attached to your work or school account

If your device was ever signed into an organization using a work or school account, the recovery key could be stored in that organization's account. You might be able to access it directly, or you might need to contact the IT support for that organization to access your recovery key.

  1. From another device, open a web browser and go to https://aka.ms/aadrecoverykey

  2. Sign in with your work or school account

  3. Select Devices and expand the device for which you need to retrieve the recovery key

    BitLocker Key recovery guide

  4. Select the option View BitLocker Keys

  5. Using the key ID, find the related recovery key and use it to unlock the drive

Besides the ones above, Microsoft has also recommended that users look at printouts and USB flash drives in case they were saved there.

The tech giant has also explained why backing up the BitLocker recovery key is crucial. "It’s important to verify that this backup exists and is accessible, or to create an extra backup of your own" says Microsoft.

Following that, the company has detailed the steps to create a BitLocker key back up:

  1. From Start , type BitLocker and select Manage BitLocker from the list of results

  2. In the BitLocker app, select Back up your recovery key next to the drive you want backup

    BitLocker Key back up guide

  3. Select where you want the key backed up

    • Save to your Microsoft Account - This will save the key in the recovery keys library of your Microsoft Account

      Note: If you're signed into a computer managed by your work or school this may say Save to your Azure AD account instead.

    • Save to a USB flash drive - If you have a flash drive handy you can save the key to it. If your device asks for the recovery key in the future, insert that USB drive and follow the instructions. The key takes only a couple of KB of space so the drive doesn't have to be large

      Important: Don't store this USB flash drive with the key on it with your computer. If a thief were to get the computer, they could steal the flash drive and bypass BitLocker encryption, leaving your data vulnerable.

    • Save to a file - You can save your recovery key as a plain text file on any device. If you need that file in the future just open it with a text editor like Notepad. You can't save the file to the BitLocker encrypted drive, so you might have to save it to a USB drive if you don't have a second, unencrypted, volume on the device

      Tip: copy the text file to your OneDrive Personal Vault for safe and secure storage, that can be readily accessed from any device if you need it.

    • Print the recovery key - You can print the recovery key if you prefer

      Important: Store that printout somewhere safe and don't keep it with the computer. If a thief were to steal the computer and the printed recovery key they could bypass BitLocker encryption, leaving your data vulnerable.

  4. Select Finish

You can find these guides as well as more BitLocker details here on Microsoft's official website.

Report a problem with article
A Google Wallet logo on a light background
Next Article

The latest Google Wallet Android update for the US adds the new "Everything Else" option

Google Chrome Canary for Android
Previous Article

Google Chrome on Android will make it easier to switch in and out of Incognito mode

Join the conversation!

Login or Sign Up to read and post a comment.

5 Comments - Add comment