When Should You Change Your BitLocker Password and How Do You Change It?

When Should You Change Your BitLocker Password and How Do You Change It?
Page content

You don’t need to change your BitLocker password as often as an online account, because the drive requires physical access and its password isn’t as exposed to interception. However, there are times you will need or want to change it.

The first obvious scenario is when your password is compromised. Perhaps you willingly gave the password to your (now) ex and are rethinking your folly, or maybe someone hovered behind you as you typed it. Alternatively, if your computer was infected with a keylogger any typed text, including your BitLocker password, could have been recorded and transmitted to a third party. In such cases, changing your password should be a top priority, especially if someone that has acquired your password also has physical access to your drives.

Another common reason is to improve the strength of your password. It is often said that encryption is only as strong as your password, so if you are rethinking that easy-to-remember “12345678” password, you’ll definitely want to change it.

You may also need to change a forgotten password, although you will need to authenticate the drive first. Authentication isn’t a problem for USB drives that are set to auto-unlock; simply insert the drive into a computer for which auto-unlock is enabled and you are in. Without that feature, you will need the recovery key.

Once you have authenticated the drive, changing the password is a logical process, but it could affect computers that have Auto-Unlock enabled. If the drive is set to auto-unlock, the new password is automatically configured for the computer on which you changed it. You will need to reconfigure auto-unlock on any other computers, which requires re-authenticating the drive on the computer and selecting Auto-Unlock from the More Options list.

Changing Your BitLocker Password

Press Win-X and select Control Panel, then click System and Security. Select BitLocker Drive Encryption to open the BitLocker Drive Encryption manager.

Click the drive for which you want to change the password.

Click Unlock Drive, assuming the drive isn’t already unlocked, and enter your password. If you forgot your password, click More Options in the authentication window, click Enter Recovery Key, type your 48-digit recovery key and click Unlock. This recovery key might have been saved to your Microsoft account, saved to a file or printed out.

Click Change Password from the list of options. This option does not exist for operating system drives that are authenticated with a USB drive.

Enter the old password, followed by the new password (entered twice), and then click Change Password to establish the new password. If you don’t remember the old password, which could be the case when you auto-unlock a USB drive, click Reset a Forgotten Password. Doing so allows you to enter a new password without first entering the old password.