This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hello everyone,
Where I work we have enabled a group policy that saves all BitLocker passwords automatically to AD for safety and accuracy. One of our laptops restarted and it now requires BitLocker password, and when we tried using the password that was saved automatically in AD it says that it's incorrect? Why would the password that was saved automatically in AD be incorrect? Please help. Thank you.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 77%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
You need to understand that on the Bitlocker recovery dialog, it mentions a recovery key ID. Only if that ID matches the ID of the numerical password that you see saved in AD will the password work.
Probably, the drive was re-encrypted and a different recovery password was created and that time not saved to AD so what you see in AD is an outdated password. You will be able to tell by comparing the recovery password IDs.
