Recovery process
To recover access to an encrypted hard disk, Please do the following::
- Open the Disk Recovery wizard either from the DriveLock Control Center or the DriveLock Management Console.
-
In the first dialog, select the BitLocker recovery key option.
For information on emergency logon to the DriveLock PBA, refer to the corresponding chapter.
Select where the recovery information is retrieved from:.
Which option you select, depends on your settings in the encryption settings dialog. We recommend the DriveLock Enterprise Service option.
-
In the next dialog, select the location of the certificate and/or private key (*.PFX file).
You can also access the information stored in the Windows Certificate Store.
If you specified earlier in the encryption settings dialog that the recovery information resides in the file system, please enter the matching password for the private key here.
-
Next, select the client computer that needs recovery from the list. Use a filter, if required.
-
Continue by requesting a recovery key in the next dialog.
The challenge-response feature will be fully available in the next version.
- Wait a moment while DriveLock retrieves the recovery information.
-
The next dialog issues the recovery key.
Select the drive defined as system partition on the client computer.
-
Provide the user with the recovery key.
Please note that you are responsible for communicating the recovery key to the users over a secure channel.
-
Last, the user enters this key in the BitLocker recovery dialog when starting the client computer.
Note that this recovery key represents a major security risk. For this reason, BitLocker Management immediately initiates a password change by the user and replaces the recovery key with a new one.
-
The Change BitLocker Password wizard starts on the client computer and the user must specify a new password.
- As soon as this is done, the user can enter this password when starting up the client computer.