Retaining the BitLocker recovery key/password

The recovery key/password is generated during BitLocker setup, and can be saved and printed after BitLocker is enabled. When using BitLocker, always retain the recovery key/password. The recovery key/password is required to enter Recovery Mode after BitLocker detects a possible compromise of system integrity.

To help ensure maximum security, observe the following guidelines when retaining the recovery key/password:

• Always store the recovery key/password in multiple locations.
• Always store copies of the recovery key/password away from the compute module.
• Do not save the recovery key/password on the encrypted hard drive.