Skip to main content

Use PowerShell to get the Bitlocker recovery key - Knowledgebase / General / Adobe Sit License - EOAS Help Desk

Use PowerShell to get the Bitlocker recovery key

Authors list

Overview

The following information explains how to retrieve a copy of the Bitlocker recovery key using the PowerShell console. These instructions apply to Microsoft Windows 10.

Instructions

Step 1

Click the Start button, search for PowerShell. Right-click the PowerShell menu item and select Run as administrator

Step 2

At the PowerShell command prompt, enter the following and click Enter at the end:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned

Step 3

At the PowerShell command prompt, enter the following and click Enter at the end:

mkdir c:\temp

Step 4

Save the attached file Get-BitlockerRecoveryKeys.ps1 to the location you created at C:\Temp

Step 5

From the PowerShell command prompt, enter the following and click Enter at the end:

cd c:\temp

Step 6

From the PowerShell command prompt, enter the following and click Enter at the end:

.\Get-BitlockerRecovery.ps1

You should see one or more lines of output that identify the drive and the recovery key for that drive. If you email a copy of that information to helpdesk@eoas.ubc.ca, we will store that information safely, and you can subsequently use that information to unlock your computer's hard drive if Bitlocker requests the information.

Helpful Unhelpful

43 of 97 people found this page helpful

Comments (2)

Jamal
how do I run this for remote computers on my company network?
Thanks in advance. this is great help.
MJE
# November 28, 2017 - TJY
# Generate a list of Bitlocker recovery keys and display them at the command prompt.
#

# Modified to only display volumes that have recoverykeys, 2022/07/05 CodexIT, MJE

# Identify all the Bitlocker volumes.
$BitlockerVolumers = Get-BitLockerVolume

# For each volume, get the RecoveryPassowrd and display it.
$recovery=@()
$BitlockerVolumers | where KeyProtector -ne $false |
ForEach-Object {
$MountPoint = $_.MountPoint
$RecoveryKey = [string]($_.KeyProtector).RecoveryPassword
if ($RecoveryKey.Length -gt 5) {
$props=[ordered]@{}
$props.add("MountPoint",$MountPoint)
$props.add("RecoveryKey",$RecoveryKey.trim())
$recovery+=New-Object -TypeName psobject -Property $props
}
}



if ($recovery.count -gt 0) {
$recovery|Format-Table
} else {
"false"
}