Encryption management

Management of encrypted workstations consists of pre-boot log in management.

You can access these options from Computer Details -> Overview -> Encryption tile -> Manage:

Or execute the maintenance mode tasks and policy options.

•Invalidate FDE login password - This task immediately invalidates the current login password and prompts users to change their login password in the EFDE client´s main program window. If the user does not change their password in the EFDE client´s main program window and shuts down the device, users are prompted to change the password on the pre-boot login screen the next time the device is booted.

•Generate new FDE recovery password - This task immediately invalidates the current login password and generates a new one that the administrator can provide to the user.

• Restore Access

o Recovery password - generates the user's recovery password to set up a new login password.

o Recovery data - generates the decryption file required for encryption recovery.

•Block Access

oBlock FDE login password - This task forces the user to require a recovery password to boot the machine. The Recovery password is required to set a new pre-boot login password for the user to log in on the device. The user cannot change their login password (even if this is enabled by EFDE configuration policy) at the pre-boot login screen at this state.

oWipe FDE login password - This task initializes BSOD the device immediately after the execution on the device. The FDE login is wiped on the device, and the user is blocked from any login attempt. User login, password change, and password recovery are disabled in this state. The only option is encryption recovery with an encryption recovery drive.