Hitachi ID Password Manager enables users whose PC is protected with drive encryption software, who have forgotten their pre-boot password, to unlock their PC using an app previously installed on their iOS or Android phone.
The process for encrypted drive unlock is as follows:
- The user selects the "unlock" user interface at the boot prompt of the drive encryption software. Note that this is available before the operating system boots.
- The user launches the Hitachi ID Mobile Access app on his phone and signs in, for example by answering security questions.
- The encryption software on the user's PC displays a challenge code, which the user enters into his phone.
- The app displays a response code, which the user enters into his PC.
- This unlocks the PC, which proceeds to the OS boot process.
The series of screen captures from a phone in Figure [link] illustrates this process.
Password Manager mobile application -- unlock pre-boot password
Note that drive unlock is also possible via a self-service phone call to an (included) interactive voice response (IVR) system.
Watch a Movie
In the following movie, we show unlocking a drive protected by McAfee Safeboot, but a similar process is available for a variety of other drive encryption products.
Unlocking a user who forgot his McAfee/Safeboot boot password
Content:
- User forgot the password he must type to unlock his encrypted drive.
- User calls the help desk and is routed to the Hitachi ID Telephone Password Manager server.
- User identifies and authenticates himself over the telephone.
- User acts as an intermediary between McAfee/Safeboot software and Telephone Password Manager, passing codes in both directions.
- User receives and keys in an unlock code, enabling him to boot his OS.
Key concepts:
- Access to key recovery for users with encrypted drive.
- Self-service process eliminates help desk calls and offers 24x7 service.