Hello,

I try to encrypt a drive and set a password with the following command:

manage-bde -on C: -encryptionmethod aes256 -recoverypassword revocerypassword -password password

The problem is, that I always get an error, that the password I specified is "an invalid syntax". It works if I call the command without specifying the password and enter the password later when I am asked:

manage-bde -on C: -encryptionmethod aes256 -recoverypassword revocerypassword -password
Please enter the password: password

Thanks,
Renate

Hi,

That seems a by design behavior for manage-bde, you need to enter revocerypassword password, then input the valid password also it will let you confirm again.

The reason you are getting "invalid syntax" is that the "-Recoverypassword"piece is actual for setting up the 48-digit recovery code.

If you were to perform the BitLocker Drive Encryption process manually through the Control Panel, then you would be given a changc to pick your recovery options. The option to "Save to file" is actually what the command line option "-RecoveryPassword" is.

The link below is to the article about Manage-BDE and the associated parameter flags. Under the "-On" section is where you find reference to the "-RecoveryPassword"

Manage-bde.exe Parameter Reference

In a related posting, other users wish to automate the usage of that 48-digit code into a TXT file. We essentially, map a network drive, run Manage-BDE with command line parameters then output the 48-digit Recovery Password to a TXT file to the mapped drive, with the computer name being the title of the file for easy reference.

Manage-BDE - Create RecoveryPassword or RecoverKey and Save to Mapped Drive.

Enjoy,

Phil Krochmal