How To Retrieve A BitLocker Recovery Key

Owned by Terrence S Miller
Last updated: Jan 02, 2020 by Micah Hibdon
2 min read

This article describes the process to follow to request a BitLocker recovery key from the Microsoft BitLocker Administration and Monitoring (MBAM) web application.

Step-by-step guide

Consider the following scenario:

A user modifies the boot order on their BitLocker encrypted laptop. Following modification of the boot order, the computer prompts for a recovery key upon startup. Below are the instructions to obtain a recovery key that will allow the computer to boot.

  1. Open a Chrome and navigate the MBAM web application at: https://bitlocker.euc.it.umich.edu/HelpDesk/KeyRecoveryPage.aspx
  2. When prompted to log on, enter your Platform as a Service administrator credential. For the user name, be sure to preface the account name with "UMROOT\".
  3. Once logged on to the MBAM web application, select Drive Recovery from the list of options on the left nav bar:T
  4. In the Drive Recovery screen, ignore the fields for User Domain and User ID. On the computer that requires a recovery key, there should a Key ID that is displayed on the console. Enter the first 8 characters of the Key ID in the Key ID field, and select a Reason for Drive Unlock in the drop down menu:
  5. The MBAM web application should return the recovery key that you can enter at the console of the affected computer.