Export (0) Print
Expand All
Expand Minimize
1 out of 1 rated this helpful - Rate this topic

ProtectKeyWithNumericalPassword method of the Win32_EncryptableVolume class

The ProtectKeyWithNumericalPassword method of the Win32_EncryptableVolume class secures the volume's encryption key with a specially formatted 48-digit password. This numerical password can be used to recover from the authentication failures of other key protectors (for example, TPM).

A key protector of type "Numerical Password" is created for the volume.

Use the IsNumericalPasswordValid method to validate the format of the numerical password.

Syntax


uint32 ProtectKeyWithNumericalPassword(
  [in, optional]  string FriendlyName,
  [in, optional]  string NumericalPassword,
  [out]           string VolumeKeyProtectorID
);

Parameters

FriendlyName [in, optional]

Type: string

A string that specifies a user-assigned identifier for this key protector. If this parameter is not specified, a blank value is used.

NumericalPassword [in, optional]

Type: string

A string that specifies the specially formatted 48-digit numerical password.

The numerical password must contain 48 digits. These digits can be divided into 8 groups of 6 digits, with the last digit in each group indicating a checksum value for the group. Each group of 6 digits must be divisible by 11 and must be less than 720896. Assuming a group of six digits is labeled as x1, x2, x3, x4, x5, and x6, the checksum x6 digit is calculated as –x1+x2–x3+x4–x5 mod 11.

The groups of digits can optionally be separated by a space or hyphen. Therefore, "xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx" or "xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx" may also contain valid numerical passwords.

If no numerical password is specified, one is randomly generated. Use the GetKeyProtectorNumericalPassword method to obtain the randomly generated password.

VolumeKeyProtectorID [out]

Type: string

A string that is the unique identifier associated with the created protector and that can be used to manage the key protector.

If the drive supports hardware encryption and BitLocker has not taken band ownership, the ID string is set to "BitLocker" and the key protector is written to per band metadata.

Return value

Type: uint32

This method returns one of the following codes or another error code if it fails.

Return code/valueDescription
S_OK
0 (0x0)

The method was successful.

E_INVALIDARG
2147942487 (0x80070057)

The NumericalPassword parameter does not have a valid format.

FVE_E_LOCKED_VOLUME
2150694912 (0x80310000)

The volume is locked.

 

Remarks

Managed Object Format (MOF) files contain the definitions for Windows Management Instrumentation (WMI) classes. MOF files are not installed as part of the Windows SDK. They are installed on the server when you add the associated role by using the Server Manager. For more information about MOF files, see Managed Object Format (MOF).

Requirements

Minimum supported client

Windows Vista Enterprise, Windows Vista Ultimate [desktop apps only]

Minimum supported server

Windows Server 2008 [desktop apps only]

Namespace

\\.\root\CIMV2\Security\MicrosoftVolumeEncryption

MOF

Win32_encryptablevolume.mof

See also

Win32_EncryptableVolume

 

 

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.