

BitLocker Recovery Key ID has changed, therefore the recovery key does not work anymore: "how to generate a new recovery key". I don't want to lose my data (I have no backup)

Question

Tuesday, January 14, 2020 8:09 AM

Hi,

I have changed encryption on my notebook and reactivated it again and I found out afterwards that this will change the Recovery Key ID in my system!!! So, now the recovery key (digit string) I have does not work because the recovery key obviously does not match the Recovery Key ID on my system!

As much as I searched for an answer, it seems it is mentioned but no one has discussed it ever! I do not have a back-up of my system and of course I have data I want to retrieve, so I am wondering either how to resolve this issue or how I can generate a new recovery key for the new Recovery Key ID.

Thanks.

All replies (3)

Wednesday, January 15, 2020 8:41 AM

If you decrypt and re-encrypt a drive (if that is what you did?), the recovery key will be changed - that is normal.

The new key will be displayed when re-encrypting.

If you failed to save or print it, as local administrator, you may still retrieve the key at any time.

For example, right click cmd.exe and select "run as administrator". On the command prompt, launch

manage-bde -protectors -get c:

This will display the current recovery key for c:
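
An added example, not part of the reply above: a PowerShell sketch that records every volume's current recovery password together with its Key ID right after re-encryption, and optionally checks a Key ID against them. `$OutFile` and `$ScreenKeyId` are placeholder names, and prefix matching assumes the recovery screen may show only the start of the ID.

```powershell
#Requires -RunAsAdministrator
# Added example: save the current BitLocker recovery passwords with their Key IDs.
param(
    [string]$ScreenKeyId = '',                          # Key ID to look up (optional, placeholder)
    [string]$OutFile     = 'E:\bitlocker-recovery.txt'  # placeholder path on a different drive
)

# Collect every recovery-password protector on every BitLocker volume.
$records = foreach ($vol in Get-BitLockerVolume) {
    foreach ($kp in $vol.KeyProtector) {
        if ($kp.KeyProtectorType -ne 'RecoveryPassword') { continue }
        [pscustomobject]@{
            MountPoint       = $vol.MountPoint
            KeyId            = $kp.KeyProtectorId.Trim('{}')
            RecoveryPassword = $kp.RecoveryPassword
            RecordedAt       = (Get-Date).ToString('s')
        }
    }
}

if (-not $records) {
    throw 'No recovery-password protector found on any volume.'
}

# A key stored on the drive it unlocks is useless in recovery mode.
$targetDrive = Split-Path -Path $OutFile -Qualifier
if ($records.MountPoint -contains $targetDrive) {
    throw "Refusing to write to $targetDrive because it is a protected volume; use another drive."
}

$records | Format-List | Out-File -FilePath $OutFile -Encoding ascii
Write-Host "Saved $(@($records).Count) recovery password(s) to $OutFile"

# Optional: confirm that a given Key ID belongs to a currently valid protector.
if ($ScreenKeyId) {
    $wanted = $ScreenKeyId.Trim('{}', ' ')
    $hit = $records | Where-Object { $_.KeyId -like "$wanted*" }
    if ($hit) {
        $hit | Format-List MountPoint, KeyId
    } else {
        Write-Warning "Key ID $wanted matches no current protector; an older saved key will not unlock this drive."
    }
}
```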


Wednesday, January 15, 2020 12:35 PM

Hi Roland,

I did decrypt and then re-encrypt the drive and since I did not know the Key ID will change I did not check my Recovery Key and did not save it!

The difficulty with the method you have suggested is that I have restarted the PC and now when I turn it on, it goes to the blue page where it says "Enter the recovery key for this drive" and below that there is a place for me to enter the 48 long digits of Recovery Key and below that is the Key ID. So in short I do not have access to the CMD unless there is a way to get hold of CMD from this blue page.

If it is not possible to get access to CMD, is there any page/place that one can enter the Key ID and receive the Recovery Key 48-digits string?

thanks.


Wednesday, January 15, 2020 12:43 PM

What you face is called recovery mode. Why did you arrive there? Re-encrypting does not imply that you will need the recovery key on next reboot, so what did you change? Did you change the boot order or secure boot? Undo those changes now. Did you upgrade the BIOS/UEFI firmware? Try to downgrade it again. That is the only way to leave recovery mode.

Please note: When re-encrypting, it was even mandatory to print the key or save it to another drive (not on c:, on a different hard drive altogether!). So you really should have access to it.

Also check your cloud drive in case you use a Microsoft account; the key might be found at https://account.microsoft.com/devices/recoverykey (log on with that very Microsoft account from any other PC).