Decrypting Your Hard Disk
After encrypting your hard disk using either BitLocker (Windows) or FileVault (MAC), the software will create a recovery key, this recovery key can be used to decrypt your hard disk, making your data readable.
Basically, when you log in using your user account and password, you unlock the hard disk, making the data readable again and when logged out, the data goes back to encrypted.
If you have a Windows operating system and have saved your recovery key to the cloud, you can find it here:
https://account.microsoft.com/devices/recoverykey
Note that you must be part of a Windows Azure AD Office 365 Domain and have saved the recovery key to that location:
Another option would be saving the recovery key as a PDF file and uploading that file to your Cloud application (such as: Box, DropBox, Google Drive, etc), you would select "Microsoft Print to PDF":
The recovery key for Windows is a 48-digit long random number variation as shown below.
Another option available is to run the Command Prompt as an Administrator and input the following command to retrieve the key for your hard disk -
(Replace C: or H: with the drive you want to check)
manage-bde -protectors C: -get
For a Mac, if you save the recovery key to the iCloud account, you will have the recovery key pinned to your account:
Another option would be saving the recovery key as a file and uploading that file to your Cloud application (such as: Box, DropBox, Google Drive, etc) by selecting "Create a recovery key and do not use my iCloud account".
The recovery key is created during FileVault’s initialization process. It is a system-generated, 24-character alpha-numeric key that is displayed on-screen to the user one time and only during this phase in the process, which is why the user is urged to write down this key for safekeeping. But the key holds a deeper value: If the account or passphrase fails to unlock the disk, the recovery key may be invoked to unlock the disk, providing access to macOS and the decrypted data.
If the recovery key is not documented, recorded improperly, or misplaced, the key will be of little value in recovering the data; this is why it is strongly advised that users safeguard the recovery key at all times. Better still, FileVault 2 deployed in a methodical manner that ensures the key is recorded to a centralized location, or key escrow, so that recovering the data is possible, independent of the users that utilize those computers to complete their work.
If you choose iCloud, the recovery key isn’t stored loosely in iCloud Drive or as a file, but it’s tied into behind-the-scenes account information that Apple maintains. It’s fully encrypted in such a way that even Apple doesn’t have access to the unencrypted recovery key data, but Apple can deliver the encrypted recovery key to your Mac if you need to reset your password.
If your operating system gets corrupted somehow and need to export your data, make sure to create backups for important documents but also of the recovery key as you might be able to recover your operating system back to an active state!
