Get free tech support from Lifehacker’s Senior Technology Editor
Do you have a tech question keeping you up at night? We’d love to answer it in a future Tech 911 column! Describe your problem in an email to [email protected], and make sure you put “Tech 911″ in the subject line.
Encryption is a wonderful thing. While I don’t run full-drive encryption on my Windows desktop at home—courtesy of BitLocker—that’s only because I’m the only one who ever uses my system and I don’t really keep anything of value on it. (All my personal documents and anything I would otherwise encrypt live on a NAS box that’s usually powered down.)
I do this partly because I’m lazy, partly because I want peak performance from my PC, and partly because I dread the day when encryption fucks up—or I’m absentminded about everything I have to do if or when I need to reinstall Windows 10—and I can’t access my data.
It’s a situation Lifehacker reader Jon is all too familiar with. As he writes for this week’s Tech 911 Q&A:
“I have a Western Digital external hard drive and a folder on the hard drive is encrypted with Windows Bitlocker. I forgot I did this, reinstalled windows, and no longer can access the files. Is there a way to fix this?”
You did write down your recovery key, right?
This is the exact kind of scenario I don’t want to deal with, which is why I prefer to not use Bitlocker. I’ll stick to something like VeraCrypt, just so my operating system isn’t tied to the encryption process. That, and I only have to remember one gigantic password, which I can store in a password manager, write down and tape under my desk, or save via whatever other spy-proof method you can think of.
You should have been prompted to save a BitLocker recovery key when you enabled encryption on your external drive. If you can’t remember doing so, or you have no idea where you stashed that key, that’s the primary problem we’ll be dealing with.
Unlocking an encrypted drive is simple. In theory, all you have to do is fire up File Explorer, right-click on the drive, and unlock it. You’ll be prompted to enter the password or PIN you set up when you initialized BitLocker, and that’s it.
If you don’t know the password or PIN you used to set up BitLocker, that’s where the recovery key comes into the picture. It’s basically your digital life preserver. If you don’t have it, you’re sunk. That’s the nature of encryption. Were there an easy way to bypass it and get access to your files, well, what would be the point of encrypting the drive, then? Anyone with physical or remote access to your system could zip right into your data after a few minutes’ work, completely invalidating the point of a recovery key to begin with.
That all said, you have one lifeline even if all this talk of a recovery key doesn’t jog your memory. It’s possible that you might have saved said key to your Microsoft account when you set up your BitLocker encryption. If so, you’ll be able to find it at this link. Microsoft’s archive of keys is pretty comprehensive, provided you ever saved it to your account. I just looked at the link and found my keys for years-old desktop PCs.
If it’s not there, and you have no other memory of where you might have stored said key, consider your data gone. Well, it’s technically still there, you just have no way of gaining access to it. And, no, there are no workarounds you can use, nor brute-force techniques you can try, to restore access. As the developers of the popular M3 Data Recovery tool describe:
“As we know, BitLocker is a disk-level encryption solution. So if you forgot BitLocker password and lost BitLocker recovery key, data recovery software (Including M3 BitLocker Recovery) doesn’t and won’t break into your BitLocker-encrypted drive. This is as much of a policy issue as it is a technological limitation.”
I’m hopeful that link will help you out. If not, you might want to run through the common passwords you favor to see if you possibly used one of them when setting up your BitLocker drive. Other than that, this is a valuable reminder that even external drives should be backed up somewhere—ideally to an unencrypted location that you’re protecting with physical access, or even some kind of cloud-storage provider that can handle encryption itself.
Do you have a tech question keeping you up at night? Tired of troubleshooting your Windows or Mac? Looking for advice on apps, browser extensions, or utilities to accomplish a particular task? Let us know! Tell us in the comments below or email [email protected].