Note: It isn't absolutely necessary to unlock a BitLocker encrypted drive when restoring an image of the encrypted partition. The partition will restore without problems but will require re-encrypting on reboot.
Macrium Reflect can include the components and decryption keys necessary automatically to unlock Microsoft BitLocker encrypted drives in Windows PE.
In the Rescue Media Wizard select 'Include optional components' and 'Automatically unlock BitLocker encrypted drives'
When Windows PE starts any BitLocker unlocked drives that are were attached when the recovery media was created will be automatically unlocked in PE.
Automatically unlocking encrypted drives when PE starts may present an unacceptable security risk for some users. Automatic unlocking requires no user intervention and the Macrium Reflect boot menu is able to access encrypted drives without password entry. An alternative method is to de-select the 'Automatically unlock BitLocker encrypted drives' option in the rescue media Wizard:
You can then save BitLocker Encryption Key files (.BEK) and/or BitLocker password TXT files to the root of any USB stick. This could also be a Windows PE rescue media USB stick.
After choosing the USB device you want to save the Recovery Key file to, click ‘Save’ and then ‘Finish’ in the BitLocker Drive encryption wizard. This action will save a .BEK file and/or a recovery password text file to the chosen USB device.
|Note: The .BEK file is a protected operating system file, it is hidden by default and won't be visible within Windows Explorer. it can be made visible by changing Folder Options and de-selecting the option to ‘Hide Protected operating system files’.|
You can add as many keys as you have encrypted drives.
When Windows PE starts ensure that your USB flash drive is attached to your PC. Your encrypted drives will then be automatically unlocked when Macrium Reflect initializes.