With Sophos Device Encryption, after drive encryption, every time you boot into Windows, you will always be asked to enter the previously configured Bitlocker password. If for some reason the user forgets this Bitlocker password, the admin can still let the user change the new password with the Recovery key.
The article will show you how to get Recovery Keys for users to log into the machine and change the Bitlocker password with Sophos Central Device Encryptions.
Step 1: Get the Recovery Key ID
On the machine where the user forgot the Bitlocker password, press “ESC” on the keyboard to enter the Bitlocker Recovery section.
In Bitlocker Recovery. You just need to find the Recovery Key ID section with the ID as below.
Step 2: Retrieve Recovery key.
Login Sophos Central Admin > Encryption
There are 2 ways you can get the Recovery Key:
- If unable to identify the device
If you do not know which machine need to change the Bitlocker password, because the number of machines is too large or the user does not remember the information. You can search with your existing Recovery ID.
On the Encryption Dashboard > select Get a recovery key.
Or from the Encryption Dashboard > select Computer > select Retrieve Recovery key.
2. If can identify the device
If you already have information about the user and the device name to change the bitlocker password, you can select the device name in the Computer section, scroll down and select Retrieve Recovery key. Ex: Computer named VM10-John-Test-11.
When the Retrieve Recovery Key table appears, enter the Recovery Key ID has in step 1, you only need to enter the first 5 characters, Sophos will automatically match the existing ID.
Choos Show Key.
You just need to copy the Recovery Key for user can login to Windows .
On the user machine, enter this Recovery Key and press Enter to be able to login to the machine.
Step 3: Change Bitlocker password.
After you have successfully logged into the machine, wait for a while the Sophos Device Encryption table will appear asking you to enter a new Bitlocker Password. After entering, click Save new Password. The next time you log in, you will enter this new password.