Process to retrieve Windows BitLocker Drive Encryption Recovery Key in your Windows 7 machine after you have forgotten your BitLocker PIN.
Before you start
You will require the following before starting the recovery process:
- A second internet-connected device to access the Sophos BitLocker Self-Serve portal (computer, web-enabled cell phone or tablet).
- Enrollment in the Sophos Self-Serve program (you would have received a registration link when your computer was originally encrypted)
- On a Windows 7 machine, you may not have permissions to change your PIN. If you are not prompted for a new PIN, follow the Change your encryption PIN on a Windows 7 computer procedure. If you do not set a new PIN, you will be required to follow this procedure every time you start your computer.
Regain access to your computer using the Self-Serve Recovery Console
Shut down your computer.
- Turn it back on. The BitLocker logon screen appears.
- Press the Esc key while in the BitLocker logon screen.
- On the BitLocker recovery screen, find the Recovery Key ID.
- Using your second device, visit the Sophos Self-Recovery Portal. Login using your username (@uOttawa.ca email address) and Sophos password. If you have forgotten this password, enter your email address and click on the Forgot Password? link. An email will be sent to your @uOttawa.ca address with a recovery link to reset your password.
- Click on the Retrieve link.
- A new window will display the recovery key.
- In the Bitlocker recovery screen on your main computer, carefully enter the 48-digit recovery key displayed on your secondary device and then press the Enter key.
- Once the recovery key is entered successfully, your computer will be unlocked and you will be prompted to login to Windows.
- Once you have logged in, contact the Service Desk (613-562-5800 ext. 6555) with the following information:
- identify that your computer that is encrypted
- using Windows 7
- forgot your PIN/wish to change your PIN.
You will have to repeat the entire procedure if you shut down your computer before being visited by a Deskside analyst to set a new PIN.