Specops Key Recovery

How can IT departments minimize encryption lockout calls at the service desk? Specops Key Recovery is an enterprise self-service solution for unlocking devices encrypted by BitLocker and Symantec Endpoint Encryption. A user who is locked out at the pre-boot authentication screen can use Specops Key Recovery to unlock their computer, without calling the IT service desk. For added security, users are verified with multi-factor authentication before receiving a recovery key. The solution supports a number of authentication factors, including Duo Security, Okta, and Mobile Code.

Try It For Free!
  • Self-service for BitLocker

    BitLocker lockouts can be caused by hardware changes or occur when working remotely. When a lockout is triggered, the user must call the helpdesk for a recovery password, and use it to unlock their computer. To verify the user, the helpdesk will commonly use security questions, which are prone to social engineering. Specops Key Recovery reduces calls to the helpdesk, and increases security. The solution verifies users with multi-factor authentication so they can receive a recovery key.

  • Self-service for Symantec Endpoint Encryption

    Symantec Endpoint Encryption lockouts occur when a user forgets their password or changes their password while working remotely. If the user has forgotten the old password they will need to contact the helpdesk for a recovery key every time they restart their computer. When combined with our self-service password reset solution, Specops Key Recovery can update the cached credentials, triggering a re-encryption with the new password. This will allow the user to authenticate with their new password, even if they are outside the corporate network.

  • MFA with pre-enrollment

    With Specops Key Recovery administrators can enroll users for multi-factor authentication without requiring users to do this themselves. This is possible with identity services that have identifier information stored in Active Directory, such as Symantec VIP, Duo Security, Okta, and PingID, Mobile Code, and Manager Identification. The enrollment information can also be used for self-service password reset, allowing users to manage their passwords in a secure way.

Sound like a good fit?

Get in Touch


  • 15+ identity providers to enable key recovery
  • Available from any web browser and device
  • User pre-enrollment options
  • Customizable user interface
  • Multi-language support: Czech, Dutch, English, French, German, Japanese, Korean, Polish, Portuguese, Russian, Simplified Chinese, Spanish, and Swedish
  • Block/allow self-service key recoveries by geographical location (country), or specific IP address

Try it for FREE, today!

Please fill in your information to start your free trial. All fields are mandatory.

Additional Resources

Microsoft MVP review on 4sysops.com

Robert Pearman, “…I was impressed with Specops Key Recovery for BitLocker, the management portal, and the support I received when I raised several queries for clarification on how things worked.”

Full Review

Gold Award on TechGenix.com!

Brien Posey, “Overall, I think that Specops Key Recovery is a really great product that will go a long way toward helping organizations prevent BitLocker-related data loss.”

Full Review