Retaining the recovery key/password

The recovery key/password is generated during BitLocker setup, and can be saved and printed after BitLocker is enabled. When using BitLocker, always retain the recovery key/password. The recovery key/password is required to enter Recovery Mode after BitLocker detects a possible compromise of system integrity.

To help ensure maximum security, observe the guidelines listed in the following procedure list when retaining the recovery key/password.

Procedure
  • Always store the recovery key/password in multiple locations.
  • Always store copies of the recovery key/password away from the server.
  • Do not save the recovery key/password on the encrypted hard drive.