Reset forgotten password

Note: This instruction assumes that the user has both SafeGuard Disk Encryption and SafeGuard File Encryption or Synchronized Encryption installed on their Mac. If they are using only one of the above, steps may vary.
If a user forgets the Mac OS X logon password, do the following:
  1. Tell the user to open the logon dialog and click ?.
    The password hint is displayed and the user is prompted to reset the password using the recovery key.
  2. Tell the user to click on the triangle next to the message in order to get to the next step (to enter the recovery key):
  3. In the SafeGuard Management Center, select Tools > Recovery and display the recovery key for the specific machine.
  4. Tell the user the recovery key to be entered in the logon dialog.
    The recovery key is replaced as soon as it has been used once to start the system. The new recovery key is generated automatically and sent to the SafeGuard Enterprise backend where it is stored to be available for the next recovery.
  5. In the SafeGuard Management Center, select Users and Computers and remove the user's certificate.
  6. For local users, do the following:
    1. Tell the user to define a new password and a password hint.
    2. In the SafeGuard Management Center, select Users and Computers > .Unconfirmed Users and confirm the user.
    3. Tell the user to open the Server tab in the Preference Pane and click Synchronize.
  7. For Active Directory users, do the following:
    1. Reset the existing password in your user administration environment and generate a preliminary password. Select the corresponding option to force the user to modify the password after the first login.
    2. Contact the user, and hand over the preliminary password.
    3. Tell the user to click Cancel in the Reset Password dialog and enter the preliminary password instead.
    4. Tell the user to define a new password and a password hint and click Reset Password.
  8. Tell the user to click Create New Keychain in the following dialog.
  9. Tell the user to enter the new password to create the SafeGuard user certificate.
The user's keys will be loaded into the new keychain automatically, so all documents will be accessible as before.
Note: Be careful to whom you give a recovery key. As a recovery key is always machine specific and not user specific. Make sure that the recovery key is not used to get unauthorized access to another user's sensitive data on the same machine.