Recover Windows endpoints

If users forget their BitLocker PIN or password, they can regain access to their computer in two ways.

  • Users can go to the Sophos Self Service Portal, see Retrieve recovery key via Self Service Portal. Windows 10 users receive instructions on the BitLocker recovery screen.
  • You can help them access their computer. These instructions tell you what the users will see and what they need to do. They must:
  1. Restart the computer and press the Esc key in the BitLocker logon screen.
  2. In the BitLocker recovery screen, find the Recovery key ID.
  3. Call the administrator and tell them the recovery key ID.
    You can give them the recovery key. For help on retrieving a key for one of your users, see the .
  4. The user must enter the recovery key, then follow the on-screen instructions to create a new PIN or password.
    On computers running Windows 7, they don't see any instructions. They need to reset their PIN/password manually.

Users can access their computer again. Normally, data volumes are unlocked automatically as soon as the user can access the boot volume. If this is not the case, you can get a recovery key for the data volume in in the same way as for boot volumes.