arstechnica.com 1/26/2026, 6:56:09 PM

How to encrypt your PC's disk without giving the keys to Microsoft

In early 2025, Forbes reports, investigators at the FBI served Microsoft with a warrant seeking the BitLocker recovery keys for several laptops they believed held evidence of fraud in Guam’s COVID-19 unemployment programme, and Microsoft complied. BitLocker, the full-disk encryption feature in Windows, can be turned on automatically on Windows 11 devices signed in with a Microsoft account; that setup also uploads a recovery key to Microsoft’s servers, which lets Microsoft unlock the disk.

A Microsoft representative said the company handles around “20” similar BitLocker recovery key requests from government authorities per year, with many requests failing because users haven’t stored their recovery keys on Microsoft’s servers.

If you want to encrypt a PC without storing the recovery key with Microsoft, the article says you need Windows 11 Pro, which you can get by upgrading through the Microsoft Store for $99 or by using a valid product key. You then save the recovery key to a non-Microsoft destination such as a printed copy or a separate file.

The guide then walks through steps to check encryption status, decrypt if needed, enable BitLocker on the C: drive and other volumes, and complete the re-encryption process, noting that the underlying encryption technology remains the same while the recovery key storage location changes.
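The status check and the "save the key somewhere other than Microsoft" step can also be done from an elevated PowerShell prompt. The script below is an added example, not taken from the article; the destination path `E:\bitlocker-keys` and the output file names are assumptions, and it uses the built-in `Get-BitLockerVolume` cmdlet.

```powershell
#Requires -RunAsAdministrator
param(
    # Assumed destination: a folder on a USB stick or other storage you control.
    [string]$Destination = 'E:\bitlocker-keys'
)

$destFull = [System.IO.Path]::GetFullPath($Destination)
$destRoot = [System.IO.Path]::GetPathRoot($destFull).TrimEnd('\')

# A OneDrive-synced folder would put the key back on Microsoft's servers.
$oneDrive = @($env:OneDrive, $env:OneDriveConsumer, $env:OneDriveCommercial) | Where-Object { $_ }
foreach ($root in $oneDrive) {
    if ($destFull.StartsWith($root, [System.StringComparison]::OrdinalIgnoreCase)) {
        throw "Destination '$destFull' is inside a OneDrive folder ($root)."
    }
}

$report = foreach ($vol in Get-BitLockerVolume) {
    # Recovery passwords are the 48-digit keys the article tells you to keep offline.
    $recovery = @($vol.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })
    $saved = $false

    if ($recovery.Count -gt 0 -and $vol.MountPoint -eq $destRoot) {
        Write-Warning "$($vol.MountPoint): not saving its key onto the volume it unlocks."
    }
    elseif ($recovery.Count -gt 0) {
        New-Item -ItemType Directory -Path $destFull -Force | Out-Null
        # Strip ':' and '\' so volumes without a drive letter still yield a valid file name.
        $label = $vol.MountPoint -replace '[^A-Za-z0-9]', ''
        $name  = 'recovery-{0}-{1}.txt' -f $env:COMPUTERNAME, $label
        $recovery | ForEach-Object { "ID: $($_.KeyProtectorId)  Password: $($_.RecoveryPassword)" } |
            Set-Content -Path (Join-Path $destFull $name)
        $saved = $true
    }

    [pscustomobject]@{
        Volume     = $vol.MountPoint
        Status     = $vol.VolumeStatus        # e.g. FullyEncrypted, FullyDecrypted
        Protection = $vol.ProtectionStatus    # On or Off
        Percent    = $vol.EncryptionPercentage
        Protectors = ($vol.KeyProtector.KeyProtectorType -join ', ')
        KeySaved   = $saved
    }
}
$report | Format-Table -AutoSize
```

The script only reads BitLocker state and writes a copy of the recovery passwords; it does not perform the decrypt and re-enable steps the guide describes.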

Article by CyberSIXT