5 Ways to Unlock a BitLocker Encrypted Hard Drive in Windows 10. Normally, a BitLocker encrypted drive is automatically locked every time you connect it to your computer or restart your computer. So, unless you have auto-unlock enabled for your BitLocker encrypted drive, you must manually unlock it to access the files inside. In this article, we will show you five different ways to unlock a BitLocker encrypted drive in Windows 10.
Note: Whether method is used, you must have your password, smart card, or recovery key. If you don’t have any of them, you won’t be able to unlock the BitLocker encrypted drive.
Table of Contents
There are 5 ways to unlock BitLocker encrypted hard drive
Method 1: Unlock BitLocker Encrypted Drive from File Explorer
Step 1: Open File Explorer and go to This PC. Locate the BitLocker encrypted hard drive with the yellow padlock, then double-click it or right-click it and select Unlock Drive .
Bước 2: Một cửa sổ BitLocker nhỏ xuất hiện ở góc trên bên phải màn hình, yêu cầu bạn nhập mã khóa để mở khóa ổ đĩa này. Nhập mật khẩu BitLocker hoặc khóa khôi phục của bạn, sau đó nhấp vào Mở khóa . Ổ đĩa sẽ được mở khóa ngay lập tức.
Method 2: Unlock BitLocker Encrypted Drives from Control Panel
Step 1: Open Control Panel and go to System and Security > BitLocker Drive Encryption.
Step 2: On the BitLocker Drive Encryption panel, locate the BitLocker enabled drive, then click Unlock drive. Similarly, a small BitLocker window will display. Just enter your BitLocker password or recovery key, then click Unlock to unlock the drive.
Method 3: Unlock BitLocker Encrypted Hard Drive with BitLocker Reader
Step 3: A small dialog box opens. Select the “Use password” option, enter your BitLocker password, then click Unlock. Of course, you can also select the Recovery Key option, then enter your recovery key to unlock the drive.
Step 4: The BitLocker encrypted drive is successfully unlocked and you can exit the tool.
Tip: iSumsoft BitLocker Reader also has Mac version which helps you unlock BitLocker encrypted drives in macOS . This is useful because macOS does not support BitLocker under normal circumstances.
Method 4: Unlock BitLocker Encrypted Drive with Command Prompt
Step 1: Type cmd in the “Type here to search” box on the left side of the taskbar. When the Command Prompt appears in the list of search results, right-click it and select Run as administrator . This will open Command Prompt as administrator.
Step 2: In the Command Prompt window, type manage-bde -unlock E: -password and press Enter. When you are prompted for a password to unlock this volume, type your correct password and press Enter. The drive will be unlocked successfully.
manage-bde -unlock E: -RecoveryPassword Your-BitLocker-Recovery-Key
Method 5: Unlock BitLocker Encrypted Drives Using Windows PowerShell
Step 1: Press Win + X and select Windows PowerShell (admin) from the menu.
Step 2: In the PowerShell window that opens, type the following command and press Enter. When you are prompted for a password, enter your correct BitLocker password and press Enter. The drive will be unlocked successfully.
Unlock-BitLocker -MountPoint “E:” -Password (Read-Host “Enter Password” -AsSecureString)
If you want to use your BitLocker recovery key to unlock the drive, type the following command and press Enter. Replace “Your_BitLocker_Recovery_Key” with your actual recovery key.
Unlock-BitLocker -MountPoint “E:” -RecoveryPassword Your_BitLocker_Recovery_Key
Good luck.
OpenCL BitLocker
BitLocker is a full-disk encryption feature available in recent Windows versions (Vista, 7, 8.1 and 10) Ultimate, Pro and Enterprise.
BitLocker-OpenCL format attacks memory units encrypted using the User Password (see the following picture) or the Recovery Password authentication methods.
Our attack has been tested on several memory devices encrypted with BitLocker on Windows 7, 8.1 and 10 (both compatible and not compatible mode).
You can find the standalone CUDA implementation here: https://github.com/e-ago/bitcracker
User Password authentication method
With this authentication method, the user can choose to encrypt a memory device by means of a password.
To find the password used during the encryption, see Step 2: Extract the hash
Recovery Password authentication method
During the encryption of a memory device, (regardless the authentication method) BitLocker asks the user to store somewhere a Recovery Password that can be used to restore the access to the encrypted memory unit in the event that she/he can’t unlock the drive normally. Thus the Recovery Password is a common factor for all the authentication methods and it consists of a 48-digit key like this:
236808-089419-192665-495704-618299-073414-538373-542366
To find the correct Recovery Password, see Step 2: Extract the hash. For further details, see also Microsoft docs.
Step 1: Get the image of your encrypted memory device
In order to start the attack, you need to extract the image of your memory device encrypted with BitLocker. For example, you can use the dd command:
sudo dd if=/dev/disk2 of=/path/to/imageEncrypted conv=noerror,sync 4030464+0 records in 4030464+0 records out 2063597568 bytes transferred in 292.749849 secs (7049013 bytes/sec)
Step 2: Extract the hash
In order to use the BitLocker-OpenCL format, you must produce a well-formatted hash of your encrypted image. Use the bitlocker2john tool (john repo) to extract the hash from the password protected BitLocker encrypted volumes.
$ ../run/bitlocker2john -i /path/to/imageEncrypted Opening file /path/to/imageEncrypted Signature found at 0x00010003 Version: 8 Invalid version, looking for a signature with valid version... Signature found at 0x02110000 Version: 2 (Windows 7 or later) VMK entry found at 0x021100d2 VMK encrypted with user password found! VMK encrypted with AES-CCM VMK entry found at 0x021101b2 VMK encrypted with Recovery key found! VMK encrypted with AES-CCM $bitlocker$0$16$a149a1c91be871e9783f51b59fd9db88$1048576$12$b0adb333606cd30103000000$60$c1633c8f7eb721ff42e3c29c3daea6da0189198af15161975f8d00b8933681d93edc7e63f36b917cdb73285f889b9bb37462a40c1f8c7857eddf2f0e $bitlocker$1$16$a149a1c91be871e9783f51b59fd9db88$1048576$12$b0adb333606cd30103000000$60$c1633c8f7eb721ff42e3c29c3daea6da0189198af15161975f8d00b8933681d93edc7e63f36b917cdb73285f889b9bb37462a40c1f8c7857eddf2f0e $bitlocker$2$16$2f8c9fbd1ed2c1f4f034824f418f270b$1048576$12$b0adb333606cd30106000000$60$8323c561e4ef83609aa9aa409ec5af460d784ce3f836e06cec26eed1413667c94a2f6d4f93d860575498aa7ccdc43a964f47077239998feb0303105d $bitlocker$3$16$2f8c9fbd1ed2c1f4f034824f418f270b$1048576$12$b0adb333606cd30106000000$60$8323c561e4ef83609aa9aa409ec5af460d784ce3f836e06cec26eed1413667c94a2f6d4f93d860575498aa7ccdc43a964f47077239998feb0303105d
As shown in the example, it returns 4 output hashes with different prefix:
-
If the device was encrypted using the User Password authentication method, bitlocker2john prints those 2 hashes:
-
$bitlocker$0$… : it starts the User Password fast attack mode (see User Password Section)
-
$bitlocker$1$… : it starts the User Password attack mode with MAC verification (slower execution, no false positives)
-
-
In any case, bitlocker2john prints those 2 hashes:
-
$bitlocker$2$… : it starts the Recovery Password fast attack mode (see Recovery Password Section)
-
$bitlocker$3$… : it starts the Recovery Password attack mode with MAC verification (slower execution, no false positives)
-
Samples BitLocker images for testing are available here:
Step 3: Attack!
Use the BitLocker-OpenCL format specifying the hash file:
./john --format=bitlocker-opencl --wordlist=wordlist target_hash
Currently, this format is able to evaluate passwords having length between 8 (minimum password length) and 55 characters (implementation reasons). We will increase the max passwords size in the next release.
The mask you can use to generate Recovery Password is:
-mask=?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d
Samples of User Password/Recovery Passwords dictionaries you can user are available here: https://github.com/e-ago/bitcracker/tree/master/Dictionary
Output
An output example is:
./john --format=bitlocker-opencl --wordlist=wordlist hash Device 0: Tesla K80 Using default input encoding: UTF-8 Loaded 1 password hash (bitlocker-opencl [SHA-256 AES OpenCL]) Note: minimum length forced to 8 Press 'q' or Ctrl-C to abort, almost any other key for status password@123 (?)
This OpenCL implementation has been tested on a GPU NVIDIA GeForce Titan X (Openwall), GPU AMD Radeon HD 7990 Malta and an Intel Core i7 CPU. For additional information about performance, see https://github.com/e-ago/bitcracker#performance
Updates and changelog
12/19/2017
-
Now BitLocker-OpenCL supports 4 different attack modes: User Password fast attack, User Password with MAC verification (performance decreased), Recovery Password, Recovery Password with MAC verification (performance decreased)
-
Max password length increased to 55
Next Update:
-
Provide a Recovery Password dictionary
References, license and contacts
BitCracker OpenCL version developed by Elenago <elena dot ago at gmail dot com> in 2015
Copyright © 2015-2017 Elenago and Massimo Bernaschi (National Research Council of Italy), <massimo dot bernaschi at gmail dot com>
Licensed under GPLv2
You can find the standalone CUDA implementation here: https://github.com/e-ago/bitcracker
This is a research project; for any additional info or to report any bug please contact <elena dot ago at gmail dot com>
cracking bitlocker reddit, how to decrypt bitlocker encrypted drive, how to unlock bitlocker without password and recovery key reddit, bitlocker$3, bitlocker cracking tool, how secure is bitlocker, how to recover bitlocker encrypted drive, how to open encrypted drive
