Specops Key Recovery

Help users securely manage encryption device lockouts.

Specops Key Recovery is an enterprise self-service solution for unlocking devices encrypted by BitLocker and Symantec Endpoint Encryption. A user who’s locked out at the pre-boot authentication screen can use Specops Key Recovery to unlock their computer, without calling the IT service desk. For added security, users are verified with multi-factor authentication before receiving a recovery key.

Try it for free
  • Self-service for BitLocker

    • BitLocker lockouts can be caused by hardware changes or occur when working remotely. When a lockout is triggered, the user must call the helpdesk for a recovery password  
    • To verify the user, the helpdesk will commonly use security questions, which are prone to social engineering  
    • Specops Key Recovery reduces calls to the helpdesk, and increases security. The solution verifies users with multi-factor authentication so they can receive a recovery key 
  • Self-service for Symantec Endpoint Encryption

    • Symantec Endpoint Encryption lockouts occur when a user forgets their password or changes their password while working remotely  
    • If the user has forgotten the old password they will need to contact the helpdesk for a recovery key every time they restart their computer  
    • When combined with our self-service password reset solution, Specops Key Recovery updates the cached credentials, triggering re-encryption with a new password. This allows the user to authenticate with their new password, even if they’re outside the corporate network 
  • MFA with pre-enrollment

    • With Specops Key Recovery, administrators can enroll users for multi-factor authentication without requiring users to enroll themselves  
    • This is possible with identity services that have identifier information stored in Active Directory, such as Symantec VIP, Duo Security, Okta, and PingID, Mobile Code, and Manager Identification 
    • The enrollment information can also be used for self-service password reset, allowing users to manage their passwords in a secure way 

We’ve designed a self-service platform secured by MFA to reduce the load on the service desk and mitigate the security issues related to key recovery. 


  • Multi-language support: Czech, Dutch, English, French, German, Japanese, Korean, Polish, Portuguese, Russian, Simplified Chinese, Spanish, and Swedish
  • 15+ identity providers to enable key recovery
  • Available from any web browser and device
  • User pre-enrollment options
  • Customizable user interface
  • Block/allow self-service key recoveries by geographical location (country), or specific IP address

Try Specops Key Recovery for free

See how Specops Key Recovery can address your encryption device lockouts. 


Need more info?

  • What are the benefits of Full Disk Encryption
    Encryption at the hardware level is great addition to any security portfolio, but it must be enabled with care and consideration.
  • Specops launches self-service encryption key recovery
    Stockholm – Specops Software announced today the release of Specops Key Recovery. The solution addresses the common occurrence of encryption device lockouts by enabling users to unlock computers encrypted or managed by Symantec Endpoint Encryption. Rather than calling the helpdesk for assistance, a user verifies their identity using multi-factor authentication and receives a recovery key…