Microsoft is increasingly pushing BitLocker encryption onto new devices. Do you know your BitLocker recovery passwords (keys)?
I’m deploying the following script to to run daily in my RMM tool on all customer computers. It’s just two lines in PowerShell, but it could literally save the day if an encrypted disk needs to be unlocked (e.g. after a BIOS upgrade). As usual, use at your own risk!
'Summary of all volumes with their BitLocker recovery passwords:'
''
Get-BitLockerVolume | ForEach-Object { $_.MountPoint + $_.KeyProtector.RecoveryPassword }
''
'List ALL top-level BitLocker info plus RecoveryPassword details:'
Get-BitLockerVolume | Select-Object * -ExpandProperty KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword'