- This article guides the steps to login when the user forgets the password on Windows 7 using Recovery Key
Diagram and implementation steps
- As the diagram we see administrator can sit anywhere to control endpoint via Sophos Endpoint Protection.
- To do this, the endpoint need to install Sophos Endpoint Protection on their computer.
- You can see installation guide Sophos Endpoint Protection here.
- In this article, we will configure Sophos Endpoint Protection on laptop Thinkpad X201 running Windows 7 OS and create Policy on Sophos Central to encrypt drive on device.
- You can see installation guide How to configure Full Disk Encryption on Windows 7 here.
- Finally we will simulate a user who forgot the password and use Recovery Key to login into the machine.
There are two ways to get Recovery Key
- Contact administrator
- When we forget the PIN of BitLocker and can not login into the machine we can contact administrator to get Recovery Key to login.
- To get Recovery Key, administrator need to login into Sophos Central using admin account > click Devices > click Test PC (Name of the PC is encrypted in previous manual) > Device Encryption > Retrieve Recovery Key.
- Retrieve Recovery Key pane appear, copy this code for user to user login into the machine.
After restart the machine blue pane appear, we press ESC on the keyboard to enter BitLocker Recovery and enter the code is provided by administrator.
- Press enter and so we are logged into the machine.
- The difference when using Recovery Key to log on to the computer is when using on Windows 7, after logging in Sophos will require changing the password, while on Windows 7 it is not required.
- If we want to change the password easily, remember to follow the steps below.
- Click the Windows icon and type in Bitlocker checkbox > select Manage BitLocker.
- Continue to select BitLocker.
- Select Reset the PIN, a table will appear to enter the new PIN twice in the empty box and click Set PIN to complete.
2. Login into User Portal to ger Recovery Key
- In addition to contacting the administrator, we can also log into Sophos Central’s User Portal page to retrieve the Recovery Key code.
- The link to the User Portal page is https://www.central.sophos.com/manage/self-service
- After logging in with an administrator account, select Device Encryption and you will see the Recovery Key.Enter the Recovery Key into BitLocker Recovery and you will successfully login to the computer.