Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000189791

Dell Encryption Self-Encrypting Drive Manager and Dell Full Disk Encryption Recovery Scenarios for Forgotten Password

Summary: Basic instructions to help users pass Pre-Boot Authentication in case they forgot their password when using Dell Encryption Self-Encrypting Drive Manager and Dell Full Disk Encryption.

This article may have been automatically translated. If you have any feedback regarding its quality, please let us know using the form at the bottom of this page.

Article Content

Symptoms

Affected Products:

  • Dell Encryption Self-Encrypting Drive Manager
  • Dell Full Disk Encryption

Affected Versions:

  • v8.16 and Later

Affected Operating Systems:

  • Windows

This article provides basic instructions to help users bypass the Pre-Boot Authentication in case they forgot their password. The Pre-Boot Authentication provides multiple ways for users to authenticate to gain access to their computer in the events like this. It is recommended to be off the network when performing the recoveries described below.

Cause

Not Applicable

Resolution

The first and easiest way for users to authenticate to Pre-Boot Authentication after forgetting their password is by using Question and Answers authentication. The first time a user logs in to a computer, they are prompted to answer questions configured by policy. After providing answers to these questions, they will be prompted for their answers. Assuming they have answered the questions correctly, Pre-Boot Authentication allows access to the Operating System.

To get to the Recovery Questions dialog in Pre-Boot Authentication, follow the steps below:

Note: A valid username and domain must be provided before clicking the Recovery Questions menu option.
  1. Enter a valid username and domain name and then select Options -> Trouble signing in -> Recovery Questions.

Recovery questions
Figure 1: (English Only) Select Recovery Questions

  1. When the Recovery Questions dialog appears, enter the answers for the questions that were enrolled at first login and click Submit.

Answers for questions
Figure 2: (English Only) Provide answers to the Recovery Questions

  1. Once the authentication is successfully completed, the endpoint boots in the Operating System.

Challenge Response can be used to authenticate through Pre-Boot Authentication and boot into Windows. Challenge Response can be used in the following scenarios:

  • In the event a user does not remember the answers that they supplied at time of enrollment.
  • Recovery Questions authentication is not enabled.
  • A user is remote with no network connectivity and cannot receive an unlock command from the Security Server using Pre-Boot Authentication Device Controls.

A user can get to the Challenge Response screen by clicking the Options -> Trouble Signing in -> Challenge Response menu options or entering their password incorrectly X number of times without the network cable plugged in.

Note: A valid username and domain must be provided before clicking the Trouble Signing in menu option.
  1. Enter a valid username and domain name and then select Options -> Trouble Signing in -> Challenge Response.

DDPKM-2433 Challenge Response step 1.png
Figure 3: (English Only) Challenge Response

  1. When prompted, contact the Help Desk and provide the Device Name and Challenge Code.

Challenge Response
Figure 4: (English Only) Challenge Code

  1. In the Dell Encryption Remote Management Console, go to the Recover Data menu option on the left and then click PBA from the top menu.

Recover Data
Figure 5: (English Only) Click PBA tab

  1. Enter the hostname that the user provided, in the Host Name field and click Search. After clicking Search, click the drop-down to find the name of the user who is requesting assistance.
  2. Enter the Device Code that the user provided into the Challenge field and click Generate Response.
  3. Provide the user with the generated Response Code. These codes are not case-sensitive. The numbers are shown in red and the letters in blue.

PBA
Figure 6: (English Only) Provide user with Response Code

  1. The user enters the Response Code into the Response Code field in Pre-Boot Authentication.
  2. Click the Submit button to continue and authenticate passed Pre-Boot Authentication.

Submit
Figure 7: (English Only) User enters Response Code

  1. Once the authentication is successfully completed, you should see the message below.

Authentication successful
Figure 8: (English Only) Authentication successfully completes

Note:
  • Challenge Response only allows you to authenticate passed Pre-Boot Authentication one time. Once the machine is shut down and restarted, the machine resumes protection, and the user have to authenticate passed Pre-Boot Authentication again.
  • Once a user has been sent to the Challenge Response dialog, the user must complete the Challenge Response to gain access to the computer. If they shutoff the machine and attempt to log, back in - even with the correct password - Pre-Boot Authentication prompts again with the Challenge Response dialog.

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

 

Article Properties

Affected Product

Dell Encryption

Last Published Date

05 Jul 2023

Version

7

Article Type

Solution

Back to Top