SafeGuard Native Device Encryption and SafeGuard File Encryption

These instructions assume you have both SafeGuard Native Device Encryption and SafeGuard File Encryption installed on your Mac. If you are using only one of the above, steps may vary.

If you forget your macOS password, proceed as follows:

  1. Switch on your Mac.
  2. Click the question mark icon in the Password field.
    Your password hint is displayed and you are asked whether you want to reset your password using your recovery key.
  3. Click the arrow icon next to the message to switch to the recovery key field.
  4. Contact your security officer and ask for your recovery key. Additionally, your security officer must remove your user certificate in the SafeGuard Management Center.
  5. Enter your recovery key in the corresponding field and click the arrow icon on the right-hand side.
    The Mac starts and the Reset Password dialog is displayed.
  6. If you are an Active Directory user, ask your administrator to reset your password and request a new password.
    1. Make sure your computer is connected to the Active Directory Domain Services.
    2. In the Reset Password dialog, click Cancel and enter your new password.
    3. Change your password once again, if required.
  7. If you are a local macOS user, enter a new password and a password hint and click Reset Password.
  8. Click Create New Keychain.
    A new login keychain is created. Note that all existing entries of your keychain remain valid.
  9. A mac with macOS 10.13 and APFS formatted system disk might need the new password in order to create a new recovery password. When prompted, enter the password.

    The dialog is only shown if you are connected to the SafeGuard Enterprise Server. If there is no connection, it is shown the next time a connection is established.

  10. Enter your new password to create the SafeGuard user certificate.
    If you are an Active Directory user, your keys are loaded into the SafeGuard Enterprise keyring automatically. You can access your documents as before.
  11. If you are a local user, ask your security officer to confirm the user registration.
  12. Open the Server tab in the Preference Pane and click Synchronize.
Your keys are restored and you have access to your encrypted documents again.