question

GregWyatt-0499 avatar image
0 Votes"
GregWyatt-0499 asked TeemoTang-MSFT commented

Bitlocker asking for key not passphrase, help!

I booted up a PC that I haven't used in some time, and while using it windows promptly asked me to update windows so I obliged.
Upon rebooting, I was greeted with a Bitlocker Recovery screen.

Completely forgot about this, hadn't seen it since it was setup a couple years ago.
No worries- I picked a unique and memorable password just for this use case.
BUT- it is not asking me for a passphrase! It starts off asking for the key, looks to be just a numeric code, and then on the next screen if I don't know the key, it proceeds to ask me again for the same key I just indicated I didn't have...

I thought maybe brute forcing since its only numbers but 48-digits, trying 10million/sec would only take 3.17 x 10^33 years sooo..

3 big questions:
Is there any way I can enter the passphrase to unlock this drive? Why did I create a passphrase, when is the thing used if not now???

Can I make an image of this drive onto some storage drive and save it while I continue to search for the key.txt? Can I 'mount' the image and continue to try to unlock the bitlocker?

Least likely- is there any weakness/exploit with bitlocker? Can I put the locked drive in an external enclosure and spin up some wild linux distro and hack away at it?

windows-10-security
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

TeemoTang-MSFT avatar image
1 Vote"
TeemoTang-MSFT answered TeemoTang-MSFT edited

Question 1: No, once computer enter recovery mode, we can only use recovery key(48 bit digits) to pass it.
What causes BitLocker recovery?
https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan#what-causes-bitlocker-recovery

Question 2: No, the drive which has been encrypted by BitLocker can’t be created as a image or cloned. We’d better find recovery key rather than find a way to hack BitLocker, if a Microsoft worldwide-used encryption product can be hacked by us, Microsoft must abolishing it immediately…

Please refer to this guide for bitlocker key, good luck
Finding your BitLocker recovery key in Windows 10 (microsoft.com)
https://support.microsoft.com/en-us/windows/finding-your-bitlocker-recovery-key-in-windows-10-6b71ad27-0b89-ea08-f143-056f5ab347d6

Finally, if you ensure recovery key has lost, the only way is format disk and clean install.


If the Answer is helpful, please click "Accept Answer" and upvote it.
Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

GregWyatt-0499 avatar image
0 Votes"
GregWyatt-0499 answered GregWyatt-0499 commented

I just wanted to clarify on Question 2- it is not possible to boot from a live usb with imaging tools and attach another usb storage drive to make a 1:1 copy of the locked drive so that I can potentially unlock it later if I find the key?

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

You idea is feasible, maybe some third-party such as Symantec Ghost can make it, but I don’t think it is helpful to unlock the drive, after encrypted by BitLocker, the drive file format has became RAW, do you have a way to deal with it?

0 Votes 0 ·

my idea would be to 'burn' the backup image to a flash drive and boot a computer from that drive, entering the key when prompted, if i can find it.

i just didn't know if it was possible to clone the encrypted drive 1:1 in a way that i could then boot it from usb.
i'll look into symantec ghost

0 Votes 0 ·
TeemoTang-MSFT avatar image
0 Votes"
TeemoTang-MSFT answered TeemoTang-MSFT commented

Well...burn a RAW format BitLocker encrypted drive into a installation media, it is an interesting idea. But I am not optimistic to it. BitLocker encryption is a powerful encryption algorithm, has very high closure, I don't think the encrypted drive can be used for image creating

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

To be honest, except finding out recovery key to pass recovery mode then unlock BitLocker on current system, I don't think other method can unlock the drive. If you does lost the recovery key, format the disk and clean install, there is no point in wasting time.

0 Votes 0 ·