Bitlocker password 256 characters breaks unlocking


  1. Posts : 2
    Windows 10
       #1

    Bitlocker password 256 characters breaks unlocking


    Hello
    I've run into a little problem with bitlocker password length. Somewhere I read that you can use up to 256 characters for the recovery password so I generated such a password via keepass. The bitlocker UI obviously had no problem with this. After restarting the system and trying to reenter the password i get the message "the password entered is incorrect".
    According to this article BitLocker Passwords Should Be Less Than 100 Characters in Length - TechNet Articles - United States (English) - TechNet Wiki
    passwords will be truncated to 100 characters. I already tried reducing the password to 100 chars without any success.

    To reproduce this problem I enclose the used password here
    Code:
    LLZcZ^~q.~Q4Xa.B&9`Drg:c/evpPr$mSQp?bEL&hyNWb|g~dNBeIg@ZyYGjL/;bx/NO1NMh869nlZ*~OeiHD054i9Ut+z9:p1'?f~dk#`;NI|sWpdm4X%'MS7&a5U3lruHS;;EPAPlh,Mfp~WGP'Qz?~BSZ;pv~yGeWdf@*r:lfaIvFB35Cg1vee'A$koM4U~Kx,2luM,Vx'OHP=9Paj.PpBq_5aA3bn%/KTdo@`9H\mY&CU1ISpBfc%sy"gvH"
    Anybody have any ideas on how to unlock the drive with this password?
      My Computer


  2. Posts : 487
       #2

    I'm not sure I fully understand, as the link you provided already contains the answer?

    If you have used a longer password, after unlocking the drive using the recovery key go to the BitLocker Control Panel and set a new password that is 100 characters or less.

    So, even if you used 256 characters for the main password, is there a reason you can't use the 48 character Bitlocker recovery key (which is different to the main password) to recover the drive?

    You can find a tutorial regarding using the Bitlocker recover key to unlock a drive at the following link:
    http://www.eightforums.com/tutorials...ndows-8-a.html
      My Computer


  3. Posts : 2
    Windows 10
    Thread Starter
       #3

    > is there a reason you can't use the 48 character Bitlocker recovery key (which is different to the main password) to recover the drive?
    Yes, because I simply didn't store it. That wasn't smart, I'm aware. And let that be a lesson for everyone...


    I did however figure it out and perhaps this might help someone else:
    I tried using power shell before but apparently I made an mistake with my earlier attempt.
    >get-help Unlock-BitLocker -examples
    lead me to trying this:
    > $SecureString = ConvertTo-SecureString "fjuksAS1337" -AsPlainText -Force
    > Unlock-BitLocker -MountPoint "E:" -Password $SecureString
    the problem with my password was those special characters (for example " or ´ or $) which need to be escaped.
    Apparently I made an mistake in my first attempt and now I retried it again with this command line:
    > $SecureString = ConvertTo-SecureString "LLZcZ^~q.~Q4Xa.B&9``Drg:c/evpPr`$mSQp?bEL&hyNWb|g~dNBeIg@ZyYGjL/;bx/NO1NMh869nlZ*~OeiHD054i9Ut+z9:p1'?f~dk#``;NI|sWpdm4X%'MS7&a5U3lruHS;;EPAPlh,Mfp~WGP'Qz?~BSZ;pv~yGeWd f@*r:lfaIvFB35Cg1vee'A`$koM4U~Kx,2luM,Vx'OHP=9Paj.PpBq_5aA3bn%/KTdo@``9H\mY&CU1ISpBfc%sy`"gvH`"" -AsPlainText -Force


    so basically this password:
    > LLZcZ^~q.~Q4Xa.B&9`Drg:c/evpPr$mSQp?bEL&hyNWb|g~dNBeIg@ZyYGjL/;bx/NO1NMh869nlZ*~OeiHD054i9Ut+z9:p1'?f~dk#`;NI|sWpdm4X%'MS7&a5U3lruHS;;EPAPlh,Mfp~WGP'Qz?~BSZ;pv~yGeWdf @*r:lfaIvFB35Cg1vee'A$koM4U~Kx,2luM,Vx'OHP=9Paj.PpBq_5aA3bn%/KTdo@`9H\mY&CU1ISpBfc%sy"gvH"
    needed to be escaped to this:
    > LLZcZ^~q.~Q4Xa.B&9``Drg:c/evpPr`$mSQp?bEL&hyNWb|g~dNBeIg@ZyYGjL/;bx/NO1NMh869nlZ*~OeiHD054i9Ut+z9:p1'?f~dk#``;NI|sWpdm4X%'MS7&a5U3lruHS;;EPAPlh,Mfp~WGP'Qz?~BSZ;pv~yGeWd f@*r:lfaIvFB35Cg1vee'A`$koM4U~Kx,2luM,Vx'OHP=9Paj.PpBq_5aA3bn%/KTdo@``9H\mY&CU1ISpBfc%sy`"gvH`"


    I still believe this is an ui bug within bitlocker.
    The dialog to set the new password accepted it without any error.
    Entering the same password in the unlock dialog does however not work.


    Thanks for your help and best regards
    Mathias
      My Computer


  4. Posts : 149
    Windows 10 Pro x64
       #4

    > is there a reason you can't use the 48 character Bitlocker recovery key (which is different to the main password) to recover the drive?
    Yes, because I simply didn't store it. That wasn't smart, I'm aware. And let that be a lesson for everyone...

    It's one of the questions it asks you when setting it up!! How you overlooked it and didn't store it is beyond belief!!
      My Computer


  5. Posts : 471
    Windows 10 Pro
       #5

    Well the op made several errors. Not storing the recovery key is one but it started earlier. Who the .... uses a 256 digits password? I would not expect any program out there accepting such a password. Security is a good thing and long and random passwords are a necessity but 256 digits? Come on, a little bit exaggerated isn't it? Even 20 or so digits are uncrackable in reasonable time with today's processing power.
      My Computer


  6. Posts : 39
    Windows 10 1511
       #6

    Yes, this comes years later...
    It should be pointed out, that the preboot-authentication assumes a US-english keyboard layout.
    Example: you don't have a EN-US keyboard, but a german keyboard, and your bitlocker password was set to Yeah!1999. You would need to enter Zeah!1999, then, because on the en-us layout (qwerty), a "Y" would be found where on the german keyboard (qwertz) a "Z" is placed. So this could be your problem.
      My Computer


  7. Posts : 11,247
    Windows / Linux : Arch Linux
       #7

    Hi folks

    Doesn't help the OP but seriously on a HOME laptop what's the point of Bitlocker --- If you keep sensitive material on removable drives what does it matter if your PC gets stolen etc as the data on it won't be of much use to anybody else since you've not got the device in the machine.

    I can see businesses using some sort of protection on their work supplied PC's and also to ensure that their intellectual property is also protected -- but c'mon guys what on earth do you need this stuff for on ORDINARY Home computers !!/

    I'm sure if people wanted to read for example my usual crop of emails (they probably couldn't anyway as they are on IMAP on the mail server and not on the machine) they'd be BORED TO DEATH after about line 2 on the ist email.

    By all means have a boot password and you can even have a program that scrambles your Windows system after say 3 incorrect password attempts have been tried at logon --that's probably more than enough security.

    Please tell me what you guys HAVE on HOME computers that actually needs bitlocker protection !!!!!! -- Or are you operating as a local station for the CIA or something.

    Just backup Windows regularly and keep anything sensitive on removable media.

    Cheers
    jimbo
    Last edited by jimbo45; 06 Jan 2020 at 06:30.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 14:47.
Find Us




Windows 10 Forums