ProtectKeyWithNumericalPassword method of the Win32_EncryptableVolume class
The ProtectKeyWithNumericalPassword method of the Win32_EncryptableVolume class secures the volume's encryption key with a specially formatted 48-digit password. This numerical password can be used to recover from the authentication failures of other key protectors (for example, TPM).
A key protector of type "Numerical Password" is created for the volume.
Use the IsNumericalPasswordValid method to validate the format of the numerical password.
Syntax
uint32 ProtectKeyWithNumericalPassword(
[in, optional] string FriendlyName,
[in, optional] string NumericalPassword,
[out] string VolumeKeyProtectorID
);
Parameters
-
FriendlyName [in, optional]
-
Type: string
A string that specifies a user-assigned identifier for this key protector. If this parameter is not specified, a blank value is used.
-
NumericalPassword [in, optional]
-
Type: string
A string that specifies the specially formatted 48-digit numerical password.
The numerical password must contain 48 digits. These digits can be divided into 8 groups of 6 digits, with the last digit in each group indicating a checksum value for the group. Each group of 6 digits must be divisible by 11 and must be 720885 or less. Assuming a group of six digits is labeled as x1, x2, x3, x4, x5, and x6, the checksum x6 digit is calculated as –x1+x2–x3+x4–x5 mod 11.
The groups of digits can optionally be separated by a space or hyphen. Therefore, "xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx" or "xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx" may also contain valid numerical passwords.
If no numerical password is specified, one is randomly generated. Use the GetKeyProtectorNumericalPassword method to obtain the randomly generated password.
-
VolumeKeyProtectorID [out]
-
Type: string
A string that is the unique identifier associated with the created protector and that can be used to manage the key protector.
If the drive supports hardware encryption and BitLocker has not taken band ownership, the ID string is set to "BitLocker" and the key protector is written to per band metadata.
Return value
Type: uint32
This method returns one of the following codes or another error code if it fails.
| Return code/value | Description |
|---|---|
|
The method was successful. |
|
The NumericalPassword parameter does not have a valid format. |
|
The volume is locked. |
|
The NumericalPassword parameter does not have a valid format. |
Remarks
Managed Object Format (MOF) files contain the definitions for Windows Management Instrumentation (WMI) classes. MOF files are not installed as part of the Windows SDK. They are installed on the server when you add the associated role by using the Server Manager. For more information about MOF files, see Managed Object Format (MOF).
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client |
Windows Vista Enterprise, Windows Vista Ultimate [desktop apps only] |
| Minimum supported server |
Windows Server 2008 [desktop apps only] |
| Namespace |
Root\CIMV2\Security\MicrosoftVolumeEncryption |
| MOF |
|
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for