Windows 7 – Change Bitlocker Recovery Key

The following steps detail how to change your Bitlocker recovery key without decrypting the data on the hard drive.


NOTE: These instructions assume the BitLocker protected drive is the C:\ drive

  1. Open an elevated cmd prompt (From the Start menu, right click on ‘Command Prompt’ and select ‘Run as administrator’)
  2. Windows7-ChangeBitLockerKey1
  3. Run the following command:
  4.  manage-bde C: -protectors -get -type RecoveryPassword
  5. Locate the protector you want to cycle (probably the only one displayed) and copy its ID field (including the curly braces) – tip: to copy you can right-click on the window, select the text then right-click again.
  6. Windows7-ChangeBitLockerKey2
  7. Run the following command, including the ID you copied in the previous step
  8. manage-bde C: -protectors -delete -id [paste the ID you copied here]
  9. Windows7-ChangeBitLockerKey3
  10. The old recovery key has now been removed, you now need to create a new one
  11. Windows7-ChangeBitLockerKey4
  12. Run the following command (leave last section blank to automatically generate a new key)
  13. manage-bde C: -protectors -add -rp [optionally specify the new 48-digit password or enter nothing to have it randomly generated for you]


And you’re done! You’ve changed your recovery password.