Tip & How-To about Hetman Partition Recovery - Recover Deleted Partitions

How to Recover Data From a Disk Encrypted by Bitlocker. Data Recovery.

Today we will describe the procedure of data recovery from a damaged disk encrypted by Bitlocker. Such problem may emerge as a result of damage to the file system of an encrypted disk (for example, damage to the area of the hard disk, where BitLocker stores important data, that happens due to unexpected system shutdown), inability to load OS or BitLocker recovery console, and other similar errors that prevent normal opening of the encrypted disk. The described problems may affect both system disk,portable external drive or USB drive.

In order to recover data we will use the utility Repair-bde (BitLocker Repair Tool), a command prompt utility which appeared back in Windows 7 / 2008 R2. This utility is used for access and recovery of encrypted data in a damaged disk encrypted by BitLocker.
Warning. This procedure should be applied after all the others have failed, and it was impossible to unlock the encrypted disk in a standard way by using a Bitlocker password or recovery key.

Requirements for data recovery from a BitLocker volume

To recover data from a disk encrypted by BitLocker you need to have at least one of the following Bitlocker defense elements:
  • BitLocker recovery password;
  • Recovery key;
  • System startup key (Startup key - .bek).
Data will be recovered to a separate disk the size of which should be no less than the size of the damaged disk. In the course of recovery, all contents of this disk will be deleted and replaced by decrypted data from the Bitlocker volume.
In our example, disk E: (size 2 Gb) is a USB drive the contents of which are encrypted by BitLocker, and which cannot be opened for some reason. To recover data, we have installed an additional external disk F: (size 16 Gb).


Method 1. Data recovery with the use of a BitLocker password

In the first place, try recovering data with this method (it will work with Windows 8 / 2012 and newer versions):
  • Launch command prompt as administrator.
  • Execute the command:
    repair-bde E: F: -pw -Force
    where E: - disk with Bitlocker data, F: - disk where decrypted data should be extracted.
  • In the course of executing the command you will have to specify BitLocker password (the same which a user is to enter into UI when trying to access an encrypted volume).

Method 2. Decryption of a Bitlocker volume with a recovery key

For decryption of data located in a damaged volume which is encrypted with Bitlocker we will need a recovery key or a system startup key (if the system partition is encrypted).
Advice. BitLockerRecoveryKey is a unique sequence of 48 symbols. The recovery key is generated when a Bitlocker volume is created; it can be printed, saved as a text file to a local (this choice is not recommended) or external disk, or in a user account at Microsoft website.



Now let us launch data recovery with the help of this key:
repair-bde E: F: -rp 011407-712393-682121-100210-377003-405174-520014-328130 -Force
If Bitlocker is used for encryption of the system partition containing Windows, and for loading the system a special startup key on a USB drive is used, the encrypted volume can be decrypted as follows:
repair-bde E: F: -rk I:\3F558473-943D-4330-8449-62C36BA53345.BEK -Force
where file 3F558473-943D-4330-8449-62C36BA53345.BEK is a key to launch BitLocker disk encryption on a USB drive G: (by default, this file is hidden).
After the procedure of data recovery and decryption, before opening the disk where the contents of the Bitlocker volume were extracted, it is necessary to run its check. In order to do it, execute the following command and wait until it is complete:
Chkdsk F: /f
Important note. If you failed to recover data from an encrypted disk with the described methods, it is worth trying to create a sector-by-sector copy of the damaged disk with the help of a Linux utility DDRescue (or any other similar utility). After that, try recovering data from the received copy by the following scenario.

Data Recovery Software

We also should notice that exist more common and simpler way to recover files from Bitlocker encrypted storage. These are data recovery software. Of course, not all programs ?an cope in such situation but some of them have required function.
The only thing is that you must have a password to unlock the device which was specified when encrypt.
Then it's simple. Connecting device with the information that you want to recover to your computer and getting message.
Further, enter password in a special window after double-clicking on the device you need to recover in "This PC".
After that, the storage becomes fully accessible for data recovery for any of the Hetman Software programs.


Posted by on

Hetman Partition Recovery - Recover Deleted Partitions Logo

Related Topics:

Related Questions:

1 Answer

i have encrypted my local disk using bitlocker encryption and now it shows Local Disk(D:) is not accessible Access is denied and when i right click it was not showing security tab. please help me


Try This:

Before you start
  • You must be logged on as an administrator.

  • The volume must be encrypted.

To turn off BitLocker Drive Encryption
  1. Click Start, click Control Panel, click Security, and then click BitLocker Drive Encryption.
  2. From the BitLocker Drive Encryption page, find the volume on which you want BitLocker Drive Encryption turned off, and click Turn Off BitLocker Drive Encryption.
  3. From the What level of decryption do you want dialog box, click either Disable BitLocker Drive Encryption or Decrypt the volume as needed.
    By completing this procedure, you have either disabled BitLocker or decrypted the operating system volume.



    Good Luck!!

Aug 16, 2012 | HP Computers & Internet

1 Answer

WHEN I TURN COMPUTER ON AND IT START BOOTING UP. IT SAYS "HARD DISK LOCKED, ENTER USER PASSWORD"


Sounds like your disk has had bitlocker activated (vista or windows7)
if you did not create a recovery file at the time of creating your password and now cannot remember your password then there is not much you can do about the data already on the drive, you would need to remove the partition and reinstall your OS from scratch.
thats the purpose of data encryption, to ensure that no one can ever get your data.

Mar 20, 2011 | Computers & Internet

Not finding what you are looking for?

252 people viewed this tip

Ask a Question

Usually answered in minutes!

Top Hetman Computers & Internet Experts

Doctor PC
Doctor PC

Level 3 Expert

7733 Answers

kakima

Level 3 Expert

102366 Answers

David Payne
David Payne

Level 3 Expert

14161 Answers

Are you a Hetman Computer and Internet Expert? Answer questions, earn points and help others

Answer questions

Loading...