Skip to content

Recover Windows endpoints

If users forget their BitLocker PIN or password, they can go to the Sophos Self Service Portal. See Retrieve recovery key via Self Service Portal.

On computers running Windows 10 or Windows 11, users receive instructions on the BitLocker recovery screen.

You can help them access their computer. These instructions tell you what the users will see and what they need to do.

They must:

  1. Restart the computer and press the Esc key in the BitLocker logon screen.
  2. In the BitLocker recovery screen, find the Recovery key ID.
  3. Call the administrator and tell them the recovery key ID.

    You can give them the recovery key. See Retrieve recovery key (Windows computers).

  4. The user must enter the recovery key, then follow the on-screen instructions to create a new PIN or password.

    On computers running Windows 7, they don't see any instructions. They need to reset their PIN/password manually.

Users can access their computer again.

Normally, data volumes are unlocked automatically as soon as the user can access the boot volume. If this is not the case, you can get a recovery key for the data volume in Sophos Central in the same way as for boot volumes.