Retrieving BitLocker Recovery Key from Azure AD

Azure AD Join in Microsoft Azure Active Directory allows organizations to extend their traditional on-premises Active Directory to the cloud. BitLocker encryption is enabled by default and keys are backed up to Azure AD.

Changes to UEFI settings, changes in hardware, attempts to bypass the boot process by changing the boot order, and other suspicious activities can all trigger the BitLocker recovery key process.

Steps to recover BitLocker keys:

1. Log in to https://portal.azure.com and click on Devices.

2. Under All devices, click on the device for which you would like to recover the recovery key.

3. Select BitLocker keys (Preview).

4. Click on “Show Recovery Key”.

5. Click on “Copy to clipboard”, then paste and save the recovery key to a temporary location.

6. Verify the Recovery ID and ensure it matches, then enter the key copied earlier.
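
The same lookup can be scripted. The following is an added example, not part of the original page: it uses the Microsoft Graph PowerShell SDK to list a device's escrowed keys, match one against the Recovery ID from the recovery screen (step 6), and only then read the key. The parameter names `$DeviceName` and `$RecoveryId` are illustrative, and it assumes the signed-in account is permitted to use the `BitLockerKey.Read.All` scope.

```powershell
# Added example (not from the original page). Requires the Microsoft.Graph PowerShell SDK.
param(
    [Parameter(Mandatory)] [string] $DeviceName,  # illustrative: display name of the locked device
    [Parameter(Mandatory)] [string] $RecoveryId   # Recovery ID shown on the BitLocker recovery screen
)

# BitLockerKey.Read.All is needed to read the key itself; Device.Read.All to look up the device.
Connect-MgGraph -Scopes 'BitLockerKey.Read.All', 'Device.Read.All' | Out-Null

# Resolve the device by name; escape single quotes for the OData filter.
$safeName = $DeviceName.Replace("'", "''")
$devices  = @(Get-MgDevice -Filter "displayName eq '$safeName'")
if ($devices.Count -ne 1) {
    throw "Expected exactly one device named '$DeviceName', found $($devices.Count)."
}

# List the keys escrowed for that device. The listing returns metadata only, not the key.
$keys = @(Get-MgInformationProtectionBitlockerRecoveryKey `
            -Filter "deviceId eq '$($devices[0].DeviceId)'" -All)

# Step 6 of the procedure: the stored key ID must match the Recovery ID on screen.
# Assumption: the Graph 'id' is the same value the portal shows as the key ID.
# A prefix match is used in case only the first characters were noted down.
$match = @($keys | Where-Object { $_.Id -like "$RecoveryId*" })
if ($match.Count -ne 1) {
    throw "Recovery ID '$RecoveryId' matched $($match.Count) of $($keys.Count) keys for this device."
}

# Reading the 'key' property is recorded in the Azure AD audit log (KeyManagement category).
$full = Get-MgInformationProtectionBitlockerRecoveryKey `
            -BitlockerRecoveryKeyId $match[0].Id -Property 'key'

[pscustomobject]@{
    Device      = $devices[0].DisplayName
    KeyId       = $match[0].Id
    VolumeType  = $match[0].VolumeType
    Created     = $match[0].CreatedDateTime
    RecoveryKey = $full.Key
}
```

The script stops without reading any key when the Recovery ID matches zero or several entries, so a mistyped ID or a device with rotated keys does not produce the wrong key.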