Today we’ll describe how to recover data from a damaged hard drive encrypted using Bitlocker. The issue can arise due to the damage of the file system on the encrypted disk (for instance, the damage of the disk area where Bitlocker stores its important information due to an unexpected system shutdown), inability to boot an OS or Bitlocker Recovery Console and the similar failures that prevent normal opening of the encrypted disk. The described problems can occur both to a system disk and to an external removable disk or a USB drive.
To recover data, we will use Repair-bde.exe (BitLocker Repair Tool), a command line utility appeared in Windows 7 / 2008 R2. It is used to access and recover the encrypted data on a damaged disk encrypted with BitLocker.
[tab title=”Contents of this article”]
The Requirements to the Data Recovery from the BitLocker Volume
To recover data from the disk encrypted with BitLocker, you should have at least one of these BitLocker security elements:
- BitLocker recovery password
- Recovery key
- System startup key (Startup key – .bek)
The data will be recovered to a separate disk with at least the same size as the damaged one. During the recovery all the contents of this disk will be deleted and replaced with the decrypted data from the BitLocker volume.
In our example, the disk F: (2 GB in size) is a USB hard drive with the contents encrypted using BitLocker which is not opened due some reason. To recover the data, we mounted an additional external hard disk Data (G:) with the size of 10 GB.
Method 1. Data Recovery Using BitLocker Password
First of all, try to restore your data using this method (it works in Windows 8 / 2012 or higher):
- Run the command prompt with the administrator privileges
- Run the following command:
repair-bde F: G: -pw –Force
, where F: is a disk with the Bitlocker data, and G: is a disk to extract the decrypted data to.
- While executing the command, you’ll have to enter the Bitlocker password (the one a user specifies in the UI to access the encrypted volume).
Method 2. The Decryption of the Bitlocker Volume Using a Recovery Key
To decrypt the Bitlocker-encrypted data stored on the damaged volume, you need a recovery key or a boot key (if the system partition is encrypted).
Or in your account on Microsoft website.
Run the data recovery using this key:
repair-bde F: G: -rp 288209-513086-417508-646412-162954-590672-167552-664563 –Force
If Bitlocker is used to encrypt the Windows system partition and a special boot key from a USB flash drive is used to boot your system, you can decrypt the volume this way:
repair-bde F: G: -rk I:\2F538474-923D-4330-4549-61C32BA53345.BEK –Force
where 2F538474-923D-4330-4549-61C32BA53345.BEK is a key to run the Bitlocker Drive Encryption on the USB flash drive I: (by default, this file is hidden).
After the data recovery and decryption are over, you have to check the disk to which the volume contents has been extracted prior to opening it. To do it, run the following command and wait till the process is complete:
Chkdsk G: /f