Recovery with BitLocker recovery key ID

For BitLocker encrypted computers a volume that cannot be accessed any more can be recovered via the BitLocker recovery key ID.

Users have to provide this ID. When they start the recovery process, the Bitlocker recovery key ID for operating system drive is displayed on the BitLocker recovery screen. For data drives the BitLocker recovery key ID is displayed when users click on More options and then on Enter recovery key in the wizard to unlock a BitLocker encrypted drive.

Important Recovery keys are only displayed if the security officer has the permissions to manage the computer. If the computer has been removed in the Management Center, the Use recovery tool permission is required to access recovery keys.
  1. In the SafeGuard Management Center, select Tools > Recovery to open the Recovery Wizard.
  2. On the Recovery type page, select BitLocker Recovery key ID (managed) and click Next.
  3. Click [...] to search for a recovery key ID.
  4. On the Find BitLocker recovery keys page, enter at least the first four digits of the BitLocker recovery key ID in the Search name field and click Find Now.
    All keys matching your query are displayed.

    Active and inactive keys are displayed. Recovery keys are displayed even if the assigned computer has been removed in the Management Center. In this case the computer name cannot be determined and N/A is displayed in the Computer column.

  5. Select the desired key and click OK.
    On the Find BitLocker recovery keys page, information about the key is displayed.
  6. Click Next.
    On the BitLocker recovery page, the 48-digit BitLocker recovery key is displayed.
  7. Provide the key to the user.

For logged events, see Auditing.