Change default location for saving BitLocker Recovery Key

If you have used BitLocker Drive Encryption feature on your Windows system, you might have noticed that when you save the BitLocker Recovery Key, it is the Desktop that is the default location. For some systems, which are part of domain, this default location for saving BitLocker Recovery Key, is a top level folder and easily viewable. Many of you might want to change this in-built setting, because not every user will prefer to save their recovery key on the Desktop, since there are chances that other users may use this Recovery Key to decrypt the drives and obtain the data inside it.

Customize-BitLocker-Recovery-Key-Location

Choose default folder for saving BitLocker Recovery Key password

If you have to work with the BitLocker feature frequently, then for the security purpose you must opt for a different default Recovery Key saving location, which others will not be able to guess. This will save your time in moving the key each time and enhance your security too. Here are the two ways using which you can make this possible:

Using Group Policy

1. In Windows 7 or later; Pro & Enterprise Editions, press Windows Key + R combination, type put gpedit.msc in Run dialog box and hit Enter to open the Local Group Policy Editor.

Prevent Store Apps From Pinning To Start Screen When Installed Prevent Users From Resetting Internet Explorer Settings

2. In the left pane, navigate here:

Change default location for saving BitLocker Recovery Key

3. In the right pane of above shown screenshot, look for the Setting named Choose default folder recovery password which is showing Not Configured status by default. Double click on this policy. Next click Enabled, then provide your custom location in the Configure the default folder path section. You can also use system variables for example, %USERPROFILE%\Documents. Click Apply followed by OK.

You may now close the Group Policy Editor and try saving a recovery key for BitLocker at your customized location.

Using Registry Editor

1. Press Windows Key + R combination, type put regedit in Run dialog box and hit Enter to open the Registry Editor.

 Prevent Users From Resetting Internet Explorer Settings

2. Navigate here:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE

Customize-BRK-Location-3

3. In the above shown Registry Editor window, in the right pane, make a right click and select New -> Expandable String Value. Name this newly created registry string (REG_EXPAND_SZ) as DefaultRecoveryFolderPath. Double click on the same to get this:

Customize-BRK-Location-4

4. Moving on, in the Edit String box so appeared, put your desired custom location where you’d like to save your recovery key by default as Value data. Again, you can use here the system variables like %systemroot%\MyCustomFolder. Click OK after making your choice. You may now close Registry Editor and observe the changes with BitLocker Drive Encryption.

Once you have done this, you will have changed the default folder location for saving the BitLocker Recovery Key in Windows 8 / 7.

Related reads:

  1. How to use BitLocker Drive Preparation Tool using Command Prompt
  2. BitLocker To Go in Windows 8 and Windows 7
  3. Microsoft BitLocker Administration and Monitoring in Windows 8
  4. Recover files & data from inaccessible BitLocker encrypted drive
  5. Encrypt USB Flash Drives with BitLocker To Go
  6. Your Recovery Key Couldn’t Be Saved To This Location error for BitLocker.
Posted by on , in Category Windows with Tags

An Electrical Engineer by profession, Kapil is a Microsoft MVP and a Microsoft Content Creator. Please read the entire post & the comments first & create a system restore point before making any changes to your system.