Recover access with Challenge/Response

Note: This feature will be unavailable if your license doesn't include Full Disk Encryption.
Challenge/Response helps users who cannot log on to their computers or access encrypted data. During the Challenge/Response procedure, the user provides a challenge code generated on the endpoint computer to the help desk officer. The help desk officer then generates a response code that authorizes the user to perform a specific action on the computer.

For users to be able to recover access with Challenge/Response, the following prerequisites must be fulfilled:

  1. On the endpoint computer the user initiates a Challenge/Response procedure, generates a challenge code and contacts you.
    For further information about initiating a Challenge/Response procedure in case of a forgotten password, see the Sophos Disk Encryption user help. For further information about initiating a Challenge/Response procedure in case the Power-on Authentication is corrupt, see the Sophos Disk Encryption tools guide.
  2. In the Computers list, right-click the respective computer and select Encryption Recovery.
    The Encryption Recovery wizard is launched.
  3. On the Select the recovery method page, select the required recovery method and click Next.
    • If the user has forgotten their password, select Forgotten password (logon recovery).
    • If the user cannot log on because the Power-on Authentication is corrupt, select Power-on Authentication corrupt (key recovery).
  4. On the Enter the challenge page, enter the challenge code the user has provided and click Next.
    The response code is generated and displayed on the Tell end user the response page.
  5. Tell the end user the response code.
    If you tell the user the response code over the phone, you can use the Phonetic Alphabet for easy spelling.
  6. The user enters the response code on the endpoint computer.
Access to the endpoint computer is recovered.