BitLocker Data Recovery

BitLocker Data Recovery: How to Recover Data from BitLocker-Encrypted Drives

Last updated:

No robots used, our articles are crafted by humans under strict Editorial Guidelines.

Written by David Morelo David Morelo Staff Writer • 61 articles David Morelo is a technical staff writer for Handy Recovery Advisor. He is an essential member of the team, known for distilling complex data recovery and data management topics into easily understandable terms. David was a key figure in the project's origin in 2017, authoring many of the first articles that helped establish Handy Recovery Advisor as a trusted resource. LinkedIn Approved by Andrey Vasilyev Andrey Vasilyev Editor Andrey Vasilyev is an Editorial Advisor for Handy Recovery. Andrey is a software engineer expert with extensive expertise in data recovery, computer forensics, and data litigation. Andrey brings over 12 years of experience in software development, database administration, and hardware repair to the team. LinkedIn

A login password alone can’t protect your data in case of a physical theft, which is why full volume encryption using tools like BitLocker is now considered to be one of the most important cybersecurity best practices. But encryption can be a double-edged sword because it can stop not just the bad guys but also legitimate users.

🗨️

But fear not: this article is here to teach you how to recover data from a BitLocker-encrypted drive, describing several common data loss scenarios and recommending the most suitable solution for each of them.

What Is BitLocker Drive Encryption?

First introduced in Windows Vista (released in January 2007), BitLocker is a full volume encryption feature that has since then been included with every version of the Windows operating system (but not Home editions).

The purpose of this feature is to allow users to easily encrypt entire volumes of data, such as the system drive, using a strong encryption algorithm. In fact, BitLocker uses the same encryption that many military and government organizations do, the Advanced Encryption Standard (AES).

When you enable BitLocker encryption, all data on the encrypted volume turn into a seemingly random digital noise. To access them again, you need to first authenticate yourself to unlock the drive, typically by providing the correct password.

Data decryption is then done on the fly with little to no measurable performance impact, making BitLocker encryption, not just effective but also convenient.

Common BitLocker Data Recovery Scenarios

Based on our experience, we’ve identified the following five common BitLocker data recovery scenarios:

  1. Recover a BitLocker drive with a known password.
  2. Recover data from a BitLocker-encrypted computer that’s locked at boot.
  3. Recover files from a BitLocker-protected secondary storage device.
  4. Recover data from a corrupted or failed BitLocker drive.
  5. Retrieve files from a formatted BitLocker volume.
👀

The good news is that the first three scenarios can be solved without much effort. The fourth scenario is somewhat problematic and doesn’t always end well, but there are solutions that you can try, so don’t give up until you’ve tried them all. The last scenario can be solved only if you have a backup of your data.

Let’s take a closer look at each of the five common BitLocker data recovery scenarios:

Scenario #1: Recover a BitLocker drive with a known password

Situation: You’ve deleted a file from a drive that is encrypted using BitLocker, and you now want to recover this file.

Solution: All you need to do is enter the right BitLocker password to unlock the drive and recover the deleted files from the Recycle Bin. If the Recycle Bin folder has already been emptied, then you can use data recovery software to get your files back.

If you’re not sure which software application to pick, then don’t hesitate to consult a list of the best data recovery software currently available.

It’s likely that Disk Drill Data Recovery will be near the top because this easy-to-use data recovery application makes it effortless to recover a BitLocker drive, and the Windows version even lets you get back up to 500 MB of data for free.

Here’s how to recover a BitLocker drive with a known password using Disk Drill:

  1. Insert the drive you want to recover to your computer. If you want to recover data from a system drive, then you just need to enter the right password at boot and log in to your Windows account.
  2. Enter the correct password to unlock it.unlock bitlocker drive password prompt
  3. Launch Disk Drill and select the encrypted BitLocker volume. If you select the entire drive, Disk Drill will recommend you scan only the volume instead. We recommend scanning the entire drive only in the following situations:
    • The drive contained files before the BitLocker volume was created.
    • The drive contains multiple volumes, and some of them are not encrypted.
    • Unallocated storage space was not encrypted when the BitLocker volume was created.
  4. Click Search for lost data and wait until Disk Drill is done scanning and then go through the recovery results and select lost files.disk drill scan bitlocker drive annotated
  5. Click the Recover button and tell Disk Drill where you want to recover the selected files. You should always recover lost files to a different storage device, as instructed by Disk Drill.disk drill bitlocker recover annotated

Disk Drill supports over 400 file formats, and it can retrieve deleted files even after they’ve been removed from the Recycle Bin and permanently deleted. Still, there are some situations when BitLocker device recovery isn’t possible even with Disk Drill, such as:

  • The BitLocker volume was formatted.
  • Both the BitLocker password and the recovery key are lost.
  • The BitLocker volume is severely damaged, and BitLocker metadata is corrupted.
🔗

You can read our comprehensive Disk Drill review for more information about the data recovery software.

Scenario #2: Recover data from a BitLocker-encrypted computer that’s locked at boot

Situation: You would like to recover data stored on your system drive, but you’re unable to get to them because your computer is locked at boot, and you don’t know your BitLocker password.

Solution: Fortunately, BitLocker requires users to save their recovery key someplace safe during the initial setup, so the chances are that your key is just a few clicks away. Here’s where you should look for it:

  • 💿 Backup storage devices: Many users choose to save their BitLocker recovery key as a text file. Go through your backup drives and look for a file called something like “BitLocker Recovery Key 4C4F0CD2-9523-4BE8-BB80-CFAAD2494D7B”.
  • 📄 Computer-related documents: Instead of saving the recovery key in a digital form, and potentially exposing it to hackers, you can also print it on a piece of paper. If you have a binder or drawer dedicated solely to computer-related documents, there’s a chance that you’ll be able to find your key there.
  • ☁ Your Microsoft account: Modern devices that support automatic device encryption save the recovery key in the associated Microsoft account. Sign in to your Microsoft accounton another device and attempt to retrieve your recovery key.

Have you managed to find your BitLocker recovery key? Great! Now you can press Esc on the BitLocker boot screen and enter it to unlock your computer. You can now recover your data just like you would normally (see Scenario #1).

If your BitLocker recovery key is nowhere to be found, then we have bad news: regaining access to your computer is possible only by formatting the encrypted system drive and starting from scratch. After formatting, all data that was stored on the encrypted drive will be lost.

Scenario #3: Recover files from a BitLocker-protected secondary storage device

Situation: You want to recover files stored on a secondary storage device (a non-system hard drive or a USB flash drive), but you can’t because the storage device is encrypted using BitLocker.

Solution: Before you can recover a BitLocker-encrypted storage device using a data recovery application like Disk Drill, you need to unlock it first. Windows should prompt you to enter the correct BitLocker password when you connect the storage device to your computer, but you can also unlock it manually:

  1. Open the Start menu and type “control panel”.
  2. Launch the Control Panel app.
  3. Go to System and Security > BitLocker Drive Encryption.
  4. Click the Unlock drive button and enter your BitLocker password.bitlocker unlock drive annotated
  5. Recover your files like you normally would (see Scenario #1).

Don’t remember your BitLocker password? Then click the More options button when asked to enter your BitLocker password (Step #4) and enter your recovery key instead.

Alternatively, you can unlock your BitLocker-encrypted storage device using Disk Drill:

  1. Connect the storage device to your computer.
  2. Launch Disk Drill.
  3. Select the encrypted volume.
  4. Disk Drill will tell you that the volume is encrypted and allow you to unlock it by clicking the Unlock now button.bitlocker unlock drive with disk drill

Scenario #4: Recover data from a corrupted or failed BitLocker drive

Situation: Your BitLocker drive has become corrupted after experiencing a critical failure. As a result, you can’t access your files.

Solution: Aware that scenarios like this are bound to happen, Microsoft developed a BitLocker recovery tool, called repair-bde. This tool is included in Windows, and it attempts to reconstruct critical parts of a severely damaged drive and salvage recoverable data.

To work, the BitLocker recovery tool needs a valid recovery password or recovery key for decryption. Because repair-bde doesn’t have a graphical user interface, you need to invoke it from Windows PowerShell, like this:

repair-bde D: F: -rp 575509-123926-031053-128502-348667-221298-489412-479039

The command above instructs repair-bde to repair drive D: and write its content to drive :F using the 48-digit recovery key. Warning: The tool always completely deletes and overwrites the entire output volume (drive F: in this example), so make sure to pick a suitable storage device.

The BitLocker recovery tool supports far more parameters than we can cover in this article, but Microsoft’s official documentation explains them better than we possibly could.

Scenario #5: Retrieve files from a formatted BitLocker volume

Situation: You’ve decided to format a BitLocker-encrypted volume, only to realize that it contained an important file that you now want to get back.

Solution: We hate to be the bearers of bad news, but the fact is that retrieving files from a formatted BitLocker volume is impossible.

As we’ve already explained, BitLocker uses an advanced encryption algorithm that renders data unreadable unless the right decryption key is provided. When you format a BitLocker volume, you essentially destroy the lock the key is supposed to fit into.

Your best option is to recover lost files from a backup created using third-party backup software. If you don’t have a backup to recover from, then you can consider your files to be lost forever—even data recovery professionals won’t be able to help you.

How to Decrypt BitLocker-Encrypted Drives?

decryption lock

Full volume encryption is one of the best defenses against data breaches caused by theft or device loss, but that doesn’t automatically mean every single storage device needs to be encrypted.

For example, there’s no reason to store your movie collection on an encrypted drive (well, unless we’re talking about a certain specific genre of movies you don’t want your spouse to know about, but we digress).

Actually, it’s better to store it on an unencrypted drive because you can then easily watch your movies even on computers running macOS or Linux, not to mention your smart TV. What’s more, it’s much easier to recover data from an unencrypted drive than an encrypted one.

To decrypt a BitLocker-encrypted drive:

  1. Open the Start menu and type “control panel”.
  2. Launch the Control Panel app.
  3. Go to System and Security > BitLocker Drive Encryption.
  4. Click Turn off BitLocker.bitlocker turn off annotated
  5. Confirm your decision to decrypt the drive.

Final Words

BitLocker encryption makes it impossible for bad guys to extract sensitive information from your computer, but it can also prevent you from accessing your own files. Fortunately, there are many scenarios where BitLocker data recovery is possible, and we’ve described the most common ones in this article. If you ever experience any of them, then you can simply follow our step-by-step instructions to recover your data.

FAQ

Is BitLocker secure?

Yes, BitLocker uses the AES encryption algorithm, which is approved by the U.S. National Security Agency (NSA) for top secret information.

How Long Does It Take to Decrypt a BitLocker-Encrypted Drive?

That depends largely on the size and speed of the drive, as well as the number of files stored on it. Smaller SSDs can usually be decrypted almost instantly, while large spinning hard drives can take a while.

What if I Don’t Remember My BitLocker Password?

If you don’t remember your BitLocker password, then you can still regain access to the content of your BitLocker-encrypted drive using the recovery key.

What is the BitLocker recovery key?

The BitLocker recovery key is a 48-digit numerical sequence created before a drive is encrypted. It serves as a backup method for unlocking BitLocker-encrypted drives.

Is It Possible to Disable BitLocker from BIOS?

No, it’s not possible to disable BitLocker from BIOS. You need to open BitLocker settings in Windows and disable encryption from there.

About article
Staff Writer David Morelo

This article was written by David Morelo, a Staff Writer at Handy Recovery Advisor. It was also verified for technical accuracy by Andrey Vasilyev, our editorial advisor.

Curious about our content creation process? Take a look at our Editor Guidelines.

How do you rate the article? Submitted: