Skip to main content

Using Recovery Manager for encrypted volumes

Using Recovery manager for encrypted volumes for endpoints

When endpoint users forget their encryption passwords and they cannot access encrypted volumes on their machines any longer, you can help them by retrieving recovery keys from the Network page.

To retrieve a recovery key:

  1. Go to the Network page.

  2. Click the recovery_manager.png Recovery manager button in the action toolbar of the left-side pane. A new window appears.

  3. In the Identifier section of the window, enter the following data:

    1. The recovery key ID of the encrypted volume.

      On Windows, the recovery key ID is a string of numbers and letters available on the endpoint, in the BitLocker recovery screen.

      Alternately, you can use the Recovery option in the Protection tab of the computer details to automatically fill in the recovery key ID, for both Windows and macOS endpoints.

    2. The password of your GravityZone account.

  4. Click Reveal. The window expands.

    In the Volume information, you are presented with the following data:

    1. Volume name

    2. Type of volume (boot or non-boot).

    3. Endpoint name (as listed in the Network Inventory)

    4. Recovery key. On Windows, the recovery key is a password generated automatically when the volume has been encrypted. On macOS, the recovery key is actually the user account password.

  5. Send the recovery key to the endpoint user.

For details about encrypting and decrypting volumes with GravityZone, refer to Encryption.

Using Recovery Manager for encrypted volumes for virtual machines

When endpoint users forget their encryption passwords and they cannot access encrypted volumes on their machines any longer, you can help them by retrieving recovery keys from the Network page.

To retrieve a recovery key:

  1. Go to the Network page.

  2. Click the recovery_manager.png Recovery manager button in the action toolbar of the left-side pane. A new window appears.

  3. In the Identifier section of the window, enter the following data:

    1. The recovery key ID of the encrypted volume.

      On Windows, the recovery key ID is a string of numbers and letters available on the endpoint, in the BitLocker recovery screen.

      Alternately, you can use the Recovery option in the Protection tab of the virtual machine details to automatically fill in the recovery key ID, for both Windows and macOS endpoints.

    2. The password of your GravityZone account.

  4. Click Reveal. The window expands.

    In the Volume Information, you are presented with the following data:

    1. Volume name

    2. Type of volume (boot or non-boot).

    3. Endpoint name (as listed in the Network Inventory)

    4. Recovery key. On Windows, the recovery key is a password generated automatically when the volume has been encrypted. On macOS, the recovery key is actually the user account password.

  5. Send the recovery key to the endpoint user.

For details about encrypting and decrypting volumes with GravityZone, refer to Encryption.