Security :: Windows 8.1 Machine - Bitlocker Recovery Key
Jul 3, 2014
I have a new Windows 8.1 machine and I wish to encrypt the drive using Bitlocker. It gives me 4 options to save a recovery key
1. Save to your Microsoft account
2. Save to a USB flash drive
3. Save to a file
4. Print the recovery key
Option 1 isn't available as I'm logged on using a local account.
i. What is the difference between options 2 & 3? i.e. I could save to a file on a USB drive
ii. Does option 2 mean the USB flash drive cannot then be used for other purposes?
iii. Does option 2 also mean I could use a USB external hard drive, or does it have to be a flash drive?
iv. Once the recovery key has been created, can the key then be copied to other locations or is it only going to work where Bitlocker puts the key?
v. Just thinking about printing the recovery key - can this be used without a password to access the drive, how sensitive/important is the printed key?
I turned on Bitlocker on three new Windows 8.1 laptops and saved the 48-digit recovery keys and associated identifiers, but I forgot to indicate which laptops they are associated with. Is there any way to find the identifiers/recovery keys on my laptops so I can document this? Or do I have to decrypt the laptop drives, turn off Bitlocker, and start all over again to generate new identifiers/recovery keys? My only options under Manage Bitlocker are Suspend protection, Back up your recovery key, and Turn off BitLocker.
I recently upgraded my windows 8.1 to windows 8.1 pro as I wanted to enable bitlocker encryption on the laptop.
The issue is that I can't seem to enable or find bitlocker in any of the area's outlined. When I try to right click on the C: drive I don't have an option for bitlocker. When I go into control panel, there's no bitlocker icon. When I do a search on the machine for bitlocker I do get a "manage bitlocker" icon, but it's doesn't do anything when I click on it.
I have followed the tutorial on this site and downloaded/installed the reg files to enable it on a non tpm device. Can see that they did update the policy on the machine, but still no joy.
When I go into PC info on the machine in question I don't see anything about bitlocker. It's like it's not there. Do you have to add a windows feature to enable it?
We are facing an issue with bitlocker on Windows 8 machines since its not encrypting Hard disks through GPO. we are getting the below error on the log files
failed to initiate drive encryption with the following exit code: 80070057
We are using the same GPO for windows 7 machines and its working completely fine and also Bitlcoker_to_go is working fine with both OS's.
Is there anything specific in GPO to check for bitlocker encryption in windows 8?
I've recently encrypted my main drive, and all is well. However, I would like to be able to encrypt one of my data drives as well and bitlocker isn't even detecting the drive's existence under "Fixed Drives"
I'm on windows 8.1 machine, the encrypted main drive is a SSD drive, and the data drive is a regular WD spinning drive SATA drive. I would like to have the WD data drive encrypted as well...
I have Windows 8.1 Core and Enterprise dual booted. Now, the real question here is, well I've read online that Windows 8.1 had finally added some of the encryption functionality of Bitlocker in a limited sense setup and turned on by default in all editions of Windows including Core - similar to how it does this with RT. The thing is on that point I've read about this, but no-one on the internet seems to know how to describe this functionality with more detail than just a mention of the existence of this.
Yes, I know Windows 8.1 is a brand new OS - so new that it won't be available to the normal public for another month and a half. And yes, I know, this RTM is still incomplete and when it will be complete within this next month and half maybe some of these new features (like the default limited Bitlocker as well as the Wifi hotspot functionality (which I figured out how to setup with Powershell, but there's no easy and normal way to go about doing this (how are normal people going to set it up? Normal people are afraid of Powershell/Command Prompt! Microsoft knows this - so I assume they'll address these concerns, and if they don't - there employees and executives must be smoking crack cocaine))).
But, what I'm getting at is this - is it safe for me to set up Bitlocker on the Enterprise edition/drive and let the Core edition/drive be as it is now? Is there a specific way I should go about doing this? If my concern on this is warranted - and it's a dangerous thing to try to do - which could have negative and unwanted consequences - than maybe I should just remove Enterprise, well if I should, then suggest that too. I like Bitlocker encryption for my more sensitive data - but I also like this Windows To Go feature as well. I would remove Enterprise if it's probably the best option. I am concerned of this too because I remember reading years ago that in reality having a dual boot setup of 2 editions of the same version of Windows (or just 2 editions of different versions) was/is actually something that isn't a good idea to have setup because it messes with the 2 versions of Windows somehow and drive C:, but I assume that as time has passed and technology has advanced maybe those issues that were authentic issues in the past might've been addressed with the new technology - but am unsure of this.
So, basically, the real question is - is dual booting these 2 editions of Windows safe in the new world of today with these new technologies - and if it is - is having the full Bitlocker functionality with Enterprise setup and having the Core OS setup as the main OS as well - safe?
Recently upgraded to Windows OS 8.1 Pro and cannot encrypt my HP external hard drive. Encryption pauses and states that disk has errors and please run chkdsk. Ran chkdsk and no errors found. Had no difficulty encrypting the C drive with the OS.
I am "fresh" with BitLocker encryption. I need to encrpyt OS drive of laptop with Windows 8.1 and TPM chip. I have read few articles about encryption of OS drives with BitLocker ( with TPM / without TPM ) but never got a direct answer to my questions. So ... I want to ask:
1. Is it possible to encrypt the drive without using the TPM in case that there is TPM chip in the laptop because from what I have read BitLocker work with TPM by default but I don't want to use it. I have had already encrypt other laptops without TPM chips by setting up the group policies ( Computer Configuration Administrative Templates Windows Components Bit Locker Drive Encryption Operating System Drives and double click on Require additional authentication at startup ) and ... is it possible something like this to be made in this case ( when the laptop have TPM in it ).
What I want is the user to be asked for password on startup, recovery key to be saved to a file on external device( not to use usb flash drive as a key ) and to be possible simply to change my HDD in the future without need to manage TPM.
If this is not possible ... here is my second question:
2. Can I setup encryption with TPM like that: - user to be asked for PASSWORD on startup - recovery key to be saved to a file ( I don't want every time to use usb flash drive with recovery on it to unlock the drive ... what I want is just user to be asked for a password and when he enter the correct password the drive to be unlocked ).
After I restored to default settings in the bios , I get into this problem of bitlocker requiring the key to start. I tried to suspend bit locker but bit locker management is not available . OS is win 8.1 , product is Dell Venue Pro 11 Tablet.
When I tried to use elevated command to disable bitlocker , the system does not recognize "protectors" in the command line.
What am I to do? I am sick of entering the very long Key , each time I bootup ...
I have BitLocker enabled on a laptop's boot/OS drive. It has worked well for almost a year but it hung when shutting down the other day and I had to press and hold the power button for 4 seconds to power it off. Now when I power it back on, it asks for the password as normal but then it starts in recovery mode and asks for the recovery key as well. Unfortunately I do not have the recovery key.
I know that the password I am entering is correct because it rejects any other password (as would be expected) and only prompts for the recovery key when I enter the correct password.
Am I going to be able to recover my data without this recovery key it is asking for?
I activated Bitlocker for my Operating system drive on a Windows 8 machine. But when starting the process I only can back up the recovery key. I have no dialog to choose how to unlock the drive. Thus even though Bitlocker is running, the PC can be turned and windows can be accessed by common user authentication. No password prompt appears at an early instant of the boot-process.
My issue first originates with going through the windows 8.1 store app to upgrade windows 8 -> to windows 8.1.
"turn off bitlocker because it isn't supported in the edition of windows you want to install"
I am not sure whether i encrypted the drives after installing windows 8 or in windows 7, nevertheless i do know the encryption passwords to the drives. The biggest problem is therefore trying to remove/disable the encryption to upgrade.
The Applet in the control panel is missing for some reason. I have seen some guides which rely on this applet which is usually situated between auto play and colour management.
I would like to remove/disable the encryption for the upgrade, or confirm the idea that if i disconnect the two drives that are encrypted i could upgrade the OS to 8.1 and wouldn't need to worry about the encryption. The concern is that the 8.1 OS would not read the drives hence the upgrading message.
My specs are this , related to Bitlocker:
Windows 8 64bit - standard (non-enterprise, pro)Hard drives:1 X 128GB SSD - C:/ windows installed here ** NOT ENCRYPTED **1 X 2TB HDD - D:/ + E:/ **ENCRYPTED**1 X 3TB HDD - F:/ **ENCRYPTED**
I'm seeking full-disk encryption software. I want to encrypt the volume that my Windows installation is on.
First of all, does Bitlocker come on the home edition of Windows 8.1? I recall on previous versions it was only available in the Pro editions.
However, I would prefer to use an open-source disk encryption solution. I've searched but I have not found any that can encryption the Windows installation volume, the ones I found (such as TrueCrypt) can only set up additional encrypted partitions which is no good for me.
I have a Microsoft Surface Pro 2 and I am running Windows 8.1 Pro Update 1.
I have been unsuccessful at building a WinPE image that provides BitLocker support. I searched around the internet and found many posts. Eventually, I ended up trying to build it with the various added packages I discovered in the various posts. However, in the end, none worked and this is the message I am getting after booting into my WinPE environment:
manage-bde.exe - Application Error
The instruction at 0xa20afa3b referenced memory at 0x0000013d. The memory could not be read. Click on OK to terminate the program
Here are the commands I eventually ended up using to build my WinPE image:
I have a Windows 8 Pro laptop with a single SSD. I just encrypted the entire drive using Bitlocker. The process prompted me to save the recovery key, which I did to an external drive. The encryption was successful but nowhere during the process was I prompted to choose a password. So I have the drive encrypted but when I reboot it does so normally without asking me for a key or password to access the drive.
I pay a used laptop Sony Vaio SVF 143100c from china , they install windows 8 Enterbrise and no other software or drivers
when I check I found a recovery volume on the hard disk I assign this volume and copy all the recovery content to external Hard disk, size is 18 GB
and the product key is valid for Win 8 RTM CoreCountrySpecific OEMM,
I don't have a Recovery Media disk or usb to return to Factory condition, how to create a recovery disk to access tis image and re install tis laptop to Factory condition
I did a fresh install of Windows 8.1 pro and activated it.After that i upgarded to windows media center pack.Now my OS is Windows 8.1 pro with Media center,But Bitlocker is missing from the control panel,i can't find it anywhere.
I use Windows 8 PRO and BitLocker to encrypt my system drive. My notebook hasn't TPM module, so I changed group rules and allow to use BitLocker without TPM. I enabled BitLocker, write key backup to flash drive and use PIN to unlock BitLocker.
Everything works fine except one think... when I start computer, there is BitLocker start screen and I must write PIN.
Always, really ALWAYS first-time password is invalid. Tried to write it very, very slow and I'm sure its correct... but BitLocker said it isn't.
I must delete it and write again... click enter and... pass is valid! I try to use insert to show password - in this case, first-time password are correct and Bitlocker accepts its. Unfortunatelly, it isn't secure method.
See, my little brother accidentally formatted an encrypted partition of my HDD (Disk drive D: 100 GB to be exact) which contained really important data that I need back! It had all of my photographs from the past 5 years (which I was too lazy to back up on cloud storage).
Would this recover the lost data? I do have the password and the recovery key. I hope this works...
o.k. long story short before installing 8.1.1 in my real environment i tested it out extensively in vm. i found out that if you get past a certain point with the windows updates bitdefender will not install, if you install bd prior to a certain point it installs and works great even after you do the rest of the windows updates. How to get it installed and working correctly in a fully updated 8.1.1? i have eset smart security in, but i'd rather have my bitdefender.
I have a laptop that has win 8 but not the Pro version.And it apparently does not have Bitlocker on it.
I have the win 8 Pro upgrade software but i think its the full version which i bought for another pc.And the upgrading instructions on the outside of the box talks about upgrading from vista or xp only.I am running win 8.
The only reason I am wanting to upgrade to win 8 Pro is to have Bitlocker.
Is it not possible to install the win 8 Pro OS?
Or is there another way of obtaining Bitlocker?
Its an acer laptop. The system info says: The system type is a "x64 based-pc" Celeron cpu 1017u 1.6 ghz,2 cores,2 logical processors, Win 8 version is 6.2.9200 build 9200
Anyways, my machine is running win7 HP with the drive bitlockered, can i just go install Windows 8 straightaway or do i have to decrypt and disable bitlocker first?
If you have a recovery drive - that includes the recovery partition - made on one computer, but have a toshiba laptop with a bad drive (but the recovery partition is ok), can you replace/copy the partition on the recovery drive with the recovery partition from the bad laptop HD?
My friend's laptop would not boot, and would not factory recover, reset, or refresh. I tried to clone the hard drive before I started messing with the disc. It would not clone, but I was able to copy the recovery partition to a USB drive.
He never make recovery discs, so could not re-install, but I can borrow the recovery drive that my aunt made for her laptop.
've always been a Mac user, and now I'm thinking of switching to a Sony Vaio laptop running Windows 8
I don't do a lot of heavy gaming but I do play Minecraft. I looked at the specs of that laptop, it was Core i5 processor at 1.8/2.7 GHz 4gb ram and nvidia GeForce graphics card dedicated with 2gb. Will these specs be enough to run Minecraft without any lag? Also, why did it say 1.8/2.7 GHz? Which one is it?
I am trying to create recovery discs from "Dell backup and Recovery application" however when i was asked to insert the second DVD,the optical drive keeps rejecting the DVD. The application will not continue to burn the second DVD and appears to be frozen. I tried with different brands/makers of DVD and also -/+ R. Unfortunately .Issue remains. I was able to find this article 593906 Published on 2013-01-21 ( relative link [URL]... ).
Although i have done the updates ,i am still not able to create recovery discs !! Current Issue: after inserting the 3rd Disc application gives the following message "Dbr.exe -No disc found" and stays there and rejects the DVD. I spoke with Dell's Greek Support team. I was told that warranty does not cover sw support even if my unit is less than a week old. Furthermore i was informed that although "Dell backup and recovery" application says DELL is not actually a Dell product thus they can't support it. They suggested my to use windows 7 file recovery instead (which needs at least 8 DVDs !).
Which registry settings should I change to set the top two default Windows rules back to 'Unrestricted' ?
I set up some rules in the local security policy some time ago when there was fuss in the news about the cryptolocker virus. They looked a lot like the rules above (I found that screenshot online as I can't take one myself, read on..)
Today I was installing some software that wanted access to the areas I restricted. I temporarily disabled the rules, then re-enabled them. Being a dumbass I also set the top two rules (which are Windows default rules) to Disallowed!
Over the following 10 minutes various aspects of my PC stopped working, telling me that the local security policy prevented access. I couldn't even get into the Control Panel or the Local Security Policy screen to change it back, once I realised what I had done. I rebooted the machine - it won't come back up
I've tried a system restore by booting from the installer on USB (which did not work, it grumbled that it could not restore due a file locked by anti-virus) so I think I've got two options:
Refresh my system using the Windows 8 tools - but I suspect that might leave the LSP rules in place, as it retains my settings & preferences.Hand edit the registry to correct the settings.
Option 2 is looking best, I can get into RegEdit from the recovery console, but I'm not sure what to edit and what to set it to? This is on Windows 8.1 Pro...