When a user forgets their password, they can generate a Challenge code that can be cleared with a Response code.
Generating a Challenge code
- Ask the user to display the PBA and then press the F9 key on the keyboard.
- A 'Challenge' code will be displayed.
- Ask the user to contact the helpdesk user (or another user who has the right to change general settings) to ask for a 'Response' code. The user will have to provide the helpdesk user with their user ID and the challenge code that SDE generated for them.
Generating the Response code
The helpdesk user generates the response code using the Administrative tools on their computer.
- From the Start menu, select All Programs|Sophos|Sophos SafeGuard Disk Encryption and choose 'Response Code Wizard'.
- In the 'Authorization Account' screen of the Response Code Wizard, specify the user ID that the user provided and click Next.
You could select the System user or enter the name of another user who is authorized to log in to this computer, if the user does not know their user ID.
- Type the user's password and click Next.
- If the user ID you have entered is the default user on the computer, select 'Default user'. Otherwise, type the user name in the 'Other user ID' field. Click Next.
- Type the Challenge code that the user provided and click Next.
- Select the action that you would like to take. Normally, you would have the user change their password by selecting 'Set new user password'; however:
If the user has since remembered their password, select 'One time logon'.
If the user has some other problem with their computer, you may want to uninstall SafeGuard Disk Encryption until the issue is resolved.
When you click Next, the Response Code Wizard will generate a Response code.
- Write down the Response code (be careful to differentiate between 1 and i and 0 and o) and ask the user to type it into the screen on their computer and then press enter.
If the Response code succeeds, if you selected 'set new password', the user will have to enter a new password and then enter it again to verify it. They can then use the new password when they log in to the computer in the future.
If the Response code fails, start the procedure again. Often, the Response code is written down wrong the first time -- take your time examining the code to ensure that ones and zeroes are not mistaken for 'i' or 'o'.