Hello
I've run into a little problem with bitlocker password length. Somewhere I read that you can use up to 256 characters for the recovery password so I generated such a password via keepass. The bitlocker UI obviously had no problem with this. After restarting the system and trying to reenter the password i get the message "the password entered is incorrect".
According to this article BitLocker Passwords Should Be Less Than 100 Characters in Length - TechNet Articles - United States (English) - TechNet Wiki passwords will be truncated to 100 characters. I already tried reducing the password to 100 chars without any success.
To reproduce this problem I enclose the used password hereAnybody have any ideas on how to unlock the drive with this password?Code:LLZcZ^~q.~Q4Xa.B&9`Drg:c/evpPr$mSQp?bEL&hyNWb|g~dNBeIg@ZyYGjL/;bx/NO1NMh869nlZ*~OeiHD054i9Ut+z9:p1'?f~dk#`;NI|sWpdm4X%'MS7&a5U3lruHS;;EPAPlh,Mfp~WGP'Qz?~BSZ;pv~yGeWdf@*r:lfaIvFB35Cg1vee'A$koM4U~Kx,2luM,Vx'OHP=9Paj.PpBq_5aA3bn%/KTdo@`9HmY&CU1ISpBfc%sy"gvH"
I'm not sure I fully understand, as the link you provided already contains the answer?If you have used a longer password, after unlocking the drive using the recovery key go to the BitLocker Control Panel and set a new password that is 100 characters or less.
So, even if you used 256 characters for the main password, is there a reason you can't use the 48 character Bitlocker recovery key (which is different to the main password) to recover the drive?
You can find a tutorial regarding using the Bitlocker recover key to unlock a drive at the following link:
> is there a reason you can't use the 48 character Bitlocker recovery key (which is different to the main password) to recover the drive?
Yes, because I simply didn't store it. That wasn't smart, I'm aware. And let that be a lesson for everyone...
I did however figure it out and perhaps this might help someone else:
I tried using power shell before but apparently I made an mistake with my earlier attempt.
>get-help Unlock-BitLocker -examples
lead me to trying this:
> $SecureString = ConvertTo-SecureString "fjuksAS1337" -AsPlainText -Force
> Unlock-BitLocker -MountPoint "E:" -Password $SecureString
the problem with my password was those special characters (for example " or ´ or $) which need to be escaped.
Apparently I made an mistake in my first attempt and now I retried it again with this command line:
> $SecureString = ConvertTo-SecureString "LLZcZ^~q.~Q4Xa.B&9``Drg:c/evpPr`$mSQp?bEL&hyNWb|g~dNBeIg@ZyYGjL/;bx/NO1NMh869nlZ*~OeiHD054i9Ut+z9:p1'?f~dk#``;NI|sWpdm4X%'MS7&a5U3lruHS;;EPAPlh,Mfp~WGP'Qz?~BSZ;pv~yGeWd f@*r:lfaIvFB35Cg1vee'A`$koM4U~Kx,2luM,Vx'OHP=9Paj.PpBq_5aA3bn%/KTdo@``9HmY&CU1ISpBfc%sy`"gvH`"" -AsPlainText -Force
so basically this password:
> LLZcZ^~q.~Q4Xa.B&9`Drg:c/evpPr$mSQp?bEL&hyNWb|g~dNBeIg@ZyYGjL/;bx/NO1NMh869nlZ*~OeiHD054i9Ut+z9:p1'?f~dk#`;NI|sWpdm4X%'MS7&a5U3lruHS;;EPAPlh,Mfp~WGP'Qz?~BSZ;pv~yGeWdf @*r:lfaIvFB35Cg1vee'A$koM4U~Kx,2luM,Vx'OHP=9Paj.PpBq_5aA3bn%/KTdo@`9HmY&CU1ISpBfc%sy"gvH"
needed to be escaped to this:
> LLZcZ^~q.~Q4Xa.B&9``Drg:c/evpPr`$mSQp?bEL&hyNWb|g~dNBeIg@ZyYGjL/;bx/NO1NMh869nlZ*~OeiHD054i9Ut+z9:p1'?f~dk#``;NI|sWpdm4X%'MS7&a5U3lruHS;;EPAPlh,Mfp~WGP'Qz?~BSZ;pv~yGeWd f@*r:lfaIvFB35Cg1vee'A`$koM4U~Kx,2luM,Vx'OHP=9Paj.PpBq_5aA3bn%/KTdo@``9HmY&CU1ISpBfc%sy`"gvH`"
I still believe this is an ui bug within bitlocker.
The dialog to set the new password accepted it without any error.
Entering the same password in the unlock dialog does however not work.
Thanks for your help and best regards
Mathias
> is there a reason you can't use the 48 character Bitlocker recovery key (which is different to the main password) to recover the drive?
Yes, because I simply didn't store it. That wasn't smart, I'm aware. And let that be a lesson for everyone...
It's one of the questions it asks you when setting it up!! How you overlooked it and didn't store it is beyond belief!!
Well the op made several errors. Not storing the recovery key is one but it started earlier. Who the .... uses a 256 digits password? I would not expect any program out there accepting such a password. Security is a good thing and long and random passwords are a necessity but 256 digits? Come on, a little bit exaggerated isn't it? Even 20 or so digits are uncrackable in reasonable time with today's processing power.
