Navigate

EOAS Help Desk
or
New Ticket
Subscribe Download PDF

Use PowerShell to get the Bitlocker recovery key

Burner EOAS
2023-02-01
2 Comments
in Adobe Sit License

Overview

The following information explains how to retrieve a copy of the Bitlocker recovery key using the PowerShell console. These instructions apply to Microsoft Windows 10.

Instructions

Step 1

Click the Start button, search for PowerShell. Right-click the PowerShell menu item and select Run as administrator

Step 2

At the PowerShell command prompt, enter the following and click Enter at the end:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned

Step 3

At the PowerShell command prompt, enter the following and click Enter at the end:

mkdir c:\temp

Step 4

Save the attached file Get-BitlockerRecoveryKeys.ps1 to the location you created at C:\Temp

Step 5

From the PowerShell command prompt, enter the following and click Enter at the end:

cd c:\temp

Step 6

From the PowerShell command prompt, enter the following and click Enter at the end:

.\Get-BitlockerRecovery.ps1

You should see one or more lines of output that identify the drive and the recovery key for that drive. If you email a copy of that information to helpdesk@eoas.ubc.ca, we will store that information safely, and you can subsequently use that information to unlock your computer's hard drive if Bitlocker requests the information.

Attachments

Comments (2)

Jamal Thu, 16th Jul 2020 11:32am

how do I run this for remote computers on my company network?
Thanks in advance. this is great help.

MJE Tue, 5th Jul 2022 8:18am

# November 28, 2017 - TJY
# Generate a list of Bitlocker recovery keys and display them at the command prompt.
#

# Modified to only display volumes that have recoverykeys, 2022/07/05 CodexIT, MJE

# Identify all the Bitlocker volumes.
$BitlockerVolumers = Get-BitLockerVolume

# For each volume, get the RecoveryPassowrd and display it.
$recovery=@()
$BitlockerVolumers | where KeyProtector -ne $false |
ForEach-Object {
$MountPoint = $_.MountPoint
$RecoveryKey = [string]($_.KeyProtector).RecoveryPassword
if ($RecoveryKey.Length -gt 5) {
$props=[ordered]@{}
$props.add("MountPoint",$MountPoint)
$props.add("RecoveryKey",$RecoveryKey.trim())
$recovery+=New-Object -TypeName psobject -Property $props
}
}



if ($recovery.count -gt 0) {
$recovery|Format-Table
} else {
"false"
}

Add a comment