BitLocker self-service portal

Summary

When a Computer enters "Recovery Mode" when attempting to start Windows, you can use the Self-Service Portal to retrieve a BitLocker recovery key and regain access to your computer.

There are several reasons a computer may go into BitLocker recovery mode. Some common causes are providing an incorrect password when logging into Windows, an unexpected configuration change, a detected security issue, or hardware malfunction.

Environment

• Windows 10 (WLMS-built)
• Bitlocker

Directions

Please note: Only users who have previously logged into a computer can retrieve its BitLocker recovery key using the Self-Service Portal. For additional support please contact the LSA Technology Services IT Service Desk at 734.615.0100 from 8:00am–5:00pm Monday through Friday.

Please note: LSA Technology Services technicians please use the MBAM Help Desk website.

Before starting, make sure you have at least the first 8 characters of the Recovery Key ID displayed on the BitLocker recovery screen.

1. Open the BitLocker Self-Service link in a new tab or window. You must be on the U-M wired or wireless network, or connected via VPN, to do so.
2. Log in using your U-M username and password.
3. Review the notice, click the checkbox, and click Continue.
4. In the “Enter a BitLocker Key ID” section, enter at least the first 8 characters of the Recovery Key ID into the box and select a reason.
   • If you don't know the reason, select “OS Files Modified.”
5. Enter the provided 48-digit code into the BitLocker recovery screen following the instructions on the screen.
6. Your computer should now boot as it normally would.

To avoid being prompted for the recovery key during following reboots:

1. Log into Windows.
2. Connect your computer to a network with an Internet connection.
3. The software that manages BitLocker will try to automatically reset the hardware lockout and change the recovery password. This may take up to 90 minutes.

Caution: Keep any copies of the recovery password secure and separate from the computer. Securely destroy any copies once you have confirmed that the computer won’t enter recovery mode during following reboots.

Protecting the BitLocker encryption and recover keys help ensure that only an authorized person can unlock the computer. This reduces the risk of having personal, research, or other sensitive data stored on the computer compromised if the device is lost, stolen, or accessed without authorization.