Flexible Security For Your Peace of Mind

Specops Key Recovery

Specops Key Recovery is a self-service solution for unlocking computers encrypted or managed by Symantec Endpoint Encryption. A user who is locked out at the pre-boot authentication screen can use Specops Key Recovery to unlock their computer, without calling the helpdesk. For added security, users are verified with multi-factor authentication before receiving a recovery key. The solution supports a number of authentication factors, including Symantec VIP, and Mobile Code.

Try It For Free!
  • Secure self-service key recovery

    The pre-boot authentication screen in Symantec Endpoint Encryption is protected with the user’s Active Directory password. A forgotten password can’t be reset unless the user can get past the pre-boot authentication screen. Without self-service key recovery, the user will have to contact the helpdesk to verify their identity each time they forget their password. To verify the user, the helpdesk will commonly use security questions, which are prone to social engineering. Specops Key Recovery reduces calls to the helpdesk, and increases security. The solution verifies users with multi-factor authentication so they can receive a recovery key.

  • Key recovery for remote users

    The password used on the pre-boot authentication screen is only updated when the user is on the corporate network. A user that changes their password when they are outside of the network, and has forgotten their old password, will need to contact the helpdesk for a recovery key every time they restart their computer. When combined with our self-service password reset solution, Specops Key Recovery can update the cached credentials, triggering a re-encryption with the new password. This will allow the user to authenticate with their new password, even if they are outside the corporate network.

  • MFA with pre-enrollment

    With Specops Key Recovery administrators can enroll users for multi-factor authentication without requiring users to do this themselves. This is possible with identity services that have identifier information stored in Active Directory, such as Symantec VIP, Mobile Code, and Manager Identification. The enrollment information can also be used for self-service password reset, allowing users to manage their passwords in a secure way.

Sound like a good fit?

Get in Touch


  • 15+ identity providers to enable key recovery
  • Available from any web browser and device
  • User pre-enrollment options
  • Customizable user interface
  • Multi-language support: Dutch, English, French, German, Japanese, Portuguese, Russian, Simplified Chinese, Spanish, and Swedish

Try it for FREE, today!

Please fill in your information to start your free trial. All fields are mandatory.

© 2019 Specops Software. All rights reserved. Privacy and Data Policy