Forgotten Encryption Passphrase - Windows
Forgotten Encryption Power-On-Authentication Passphrase Overview
This tutorial applies to the following operating system:
In the case that a user forgets the Power-On-Authentication passphrase that they set when encryption was enabled, a recovery key can be generated so that they can boot their computer and reset their passphrase. This recover key process will work regardless of a user’s location and a key can only be used once.
Contact the ITS Help Desk by calling 208-885-4357 (HELP). A Technical Support Representative (TSR) will be able to assist you through the rest of the process.
At the Power-On-Authentication prompt when the computer has first been powered on, press Esc to access the Recovery Key Entry screen.
The TSR will generate a one-time use Recovery Key for you. Enter the Recovery Key into the eight blank spaces on the Recovery Key Entry screen
Read the Recovery Key back to the TSR as you have entered it in order to confirm that the key is correct. Press Enter to proceed with the boot process.
Once the machine has completed the boot process, log in to your account as you normally would.
In the lower right hand corner of the screen in the system tray, next to the clock, right click on the Sophos SafeGuard icon () and select Reset BitLocker credentials.
In the resulting dialog box, enter and confirm your new passphrase. This will be the new passphrase you will use when booting your computer. In order to prevent unauthorized access to your computer, do not write this passphrase down.