ESET Online Help

Search English
Select the topic

Recovery data

The encryption recovery process is required if the Wipe FDE Login password task was executed or if there is a problem with the encryption or EFDE pre-boot login screen and Password recovery is not successful. This process will decrypt the drive on the workstation and disable the EFDE pre-boot login.

You need a Workstation ID for the recovery process. Workstation ID is case-sensitive. You can find Workstation ID at the bottom of the pre-boot login screen:


All users with Read access to the All static group (access to all devices) also have access to recovery data of removed devices.

Due to security reasons, recovery data is available only to users with access to the All static group (access to all devices), for example, only to global administrators.

The administrator can perform this task in two ways:

If the administrator can identify the affected workstation in the management console:

1.Click Computer Details of the workstation in the management console.

2.In the Overview -> Encryption tile select Manage -> Restore Access -> Recovery data.

If the administrator can not identify the affected workstation in the management console:

1.In the top bar of the management console, click -> Help -> Encryption recovery.

2.Select the Recovery data option.

3.The user must provide the Workstation ID to the administrator. Workstation ID is displayed at the bottom on the EFDE pre-boot login screen.


From this point, the recovery process is the same for both options.

Download the Recovery Data File:

1.On the screen, create a one-time recovery Password (this password is valid only for this one specific encryption recovery).

2.Click Create Recovery Data to proceed to the next step.

3.In the next window, click efderecovery.dat and Download&Save the file. After this step is finished, click Close.


The "efderecovery.dat" file is unique for every workstation and every encryption of the workstation. e.g., the decryption file will not be the same if the workstation was encrypted, decrypted, and then encrypted again.