Restore encrypted directories
Recovery may become necessary when a user has lost access to encrypted drives or folders. This can happen either because access to a certificate's private key was lost or because the password was forgotten.
To restore access to encrypted drives after forgetting a password or losing a certificate, a so-called offline recovery is performed using a challenge-response method. This involves the user and the administrator or helpdesk personnel.
The challenge/response mechanism validates both the challenge (request code) that DriveLock creates for the user and the corresponding response code that is generated by the person performing the recovery. Only when both codes are valid for the drive or folder to be recovered can access to the data be restored (for example, by enabling the user to select a new encryption password). The user generates the challenge code using a wizard and provides this code to an administrator. The administrator checks that the request code is valid and then generates a response code that is in turn validated by the wizard running on the client computer.
The procedure a user must complete to initiate recovery is described in the DriveLock User Manual.
The steps for recovery by the administrator (or support staff) are identical to those for the recovery of encrypted drives.
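The challenge/response exchange described above can be modelled as follows. This is an added sketch, not DriveLock's code or algorithm: the HMAC construction, the code format, the shared demo key and all function names are assumptions chosen to show why each code is checked and why both are bound to one drive or folder.

```python
import hashlib
import hmac
import secrets

# Constructed demo key (assumption). Simplification: both sides share one key
# here so the sketch runs offline; it shows validation and binding only,
# not how a product stores or protects its recovery key material.
RECOVERY_KEY = b"constructed-demo-recovery-key"


def _tag(label: str, *parts: str) -> str:
    """Keyed, truncated tag over the label and parts (NUL-separated)."""
    msg = "\x00".join((label,) + parts).encode()
    return hmac.new(RECOVERY_KEY, msg, hashlib.sha256).hexdigest()[:12]


def _same(a: str, b: str) -> bool:
    """Constant-time comparison that also tolerates non-ASCII input."""
    return hmac.compare_digest(a.encode(), b.encode())


def make_challenge(container_id: str) -> str:
    """Client wizard: fresh nonce plus a check value bound to this container."""
    nonce = secrets.token_hex(6)
    return f"{nonce}-{_tag('challenge', container_id, nonce)}"


def challenge_is_valid(container_id: str, challenge: str) -> bool:
    """Helpdesk: reject mistyped codes or codes issued for another container."""
    nonce, _, check = challenge.partition("-")
    return _same(check, _tag("challenge", container_id, nonce))


def make_response(container_id: str, challenge: str) -> str:
    """Helpdesk: answer only a valid challenge, bound to container and code."""
    if not challenge_is_valid(container_id, challenge):
        raise ValueError("request code is not valid for this container")
    return _tag("response", container_id, challenge)


def response_is_valid(container_id: str, challenge: str, response: str) -> bool:
    """Client wizard: accept only the response to its own pending challenge."""
    return _same(response, _tag("response", container_id, challenge))


if __name__ == "__main__":
    code = make_challenge("folder-A")          # user reads this to the helpdesk
    reply = make_response("folder-A", code)    # helpdesk reads this back
    print(code, reply, response_is_valid("folder-A", code, reply))
```

Because the response covers both the container identifier and the full request code, a response issued for one folder, or for an earlier recovery attempt, is rejected by the wizard.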