Recovery data

The encryption recovery process is required in case the Wipe FDE Login password task was executed or in case there is a problem with the encryption or EFDE pre-boot login screen and Password recovery is not successful. This process will decrypt the drive on the workstation and disable the EFDE pre-boot login.

The administrator can perform this task in two ways:

If the administrator can identify the affected workstation in the management console:

1.Navigate to the Computer Details of the workstation in the management console.

2.In the Overview -> Encryption tile select Manage -> Restore Access -> Recovery data.

If the administrator can not identify the affected workstation in the management console:

1.Navigate to the top bar of the management console -> Help -> Encryption recovery.

2.Select the Recovery data option.

3.At this point, the user must provide the Workstation ID to the administrator. Workstation ID is displayed on the EFDE pre-boot login screen on the bottom.

 

From this point, the recovery process is the same for both options.

Download the Recovery Data File:

1.On the screen, create a one-time recovery Password (This password is valid only for this one specific encryption recovery).

2.Click Create Recovery Data to proceed to the next step.
Recovery_01

3.On the next pop-up window, click on efderecovery.dat and Download&Save the file. After this step is finished, you can Close it.
Recovery_02

note

Note

The "efderecovery.dat" file is unique for every workstation and every encryption of the workstation. e.g., the decryption file will not be the same if the workstation was encrypted, decrypted, and then encrypted again.

ESET Encryption Recovery Media Creator

1.Insert an empty USB drive into your computer.

2.Download the ESET Encryption Recovery Media Creator.

3.Run the utility on your computer and click Next to proceed.
Recovery_03

4.Select Win RE USB 32/64 bit.
Recovery_04

note

Note

When creating the Win RE USB, the architecture (x86 / x64) of the host system running the utility must match the architecture of the target system of the recovery.

5.As the Destination disk for the recovery, select your empty USB drive inserted in Step 1.
Recovery_05

6.For What type of computer are you recovering, select ESET PROTECT Managed.
Recovery_06

7.In the next step click Browse, and locate your efderecovery.dat file generated earlier.
Recovery_07

8.Optional: Only select additional support files if you have been instructed to by ESET technical support.

9.Click Next.
Recovery_08

10.Review your settings and click Start to create the recovery disk.
Recovery_09

11.You will be prompted by your Operating System with a Format confirmation dialog. Select Yes to continue.
Recovery_010

12.Wait for the utility to complete the creation process.
Recovery_011

13.After the creation process of the recovery drive is completed, click Finish.
Recovery_012

14.Safely remove the newly created recovery USB drive.

 

Decrypting of the encrypted workstation.

1.Insert the Recovery USB drive into the target workstation.

2.Open the Boot manager on the target workstation and select USB as the first boot option.

3.If the boot procedure has worked correctly, you will see the Recovery screen with Language selection.

4.Select the desired language to continue.
Recovery_013

5.Select Decrypt all encrypted disks (EFDE managed recovery file).
Recovery_014

6.A warning screen will be displayed. Review the information on the warning screen and click Yes to continue.
Recovery_015

7.Fill in the recovery password specified earlier in the management console.
Recovery_016

8.Choose the Decryption mode based on your preferences to initiate the decryption process.
Recovery_017

warning

Warning!

Make sure that you let the process complete and DO NOT shut down or power the machine off.

9.Once the workstation has been decrypted, press Ok and then Shutdown.
Recovery_018

10.The next time the workstation is booted, the EFDE pre-boot login screen will not be displayed and, Windows should boot normally.