This document will explain how to setup the McAfee Endpoint Assist mobile application. This new feature for McAfee Drive Encryption uses a companion app for iOS and Android to help users recover their password using the app instead of calling the helpdesk.
You can also watch the steps described in this document by viewing the video below.
I - Set Up the McAfee Drive Encryption Application
In the McAfee pre-boot environment, there is a new feature called “Register Smartphone.”
Once this box is checked, you can enter your username and password. A QR code will be generated which will be used to register the end-user. Using a mobile device, download the "McAfee Endpoint Assist" app and capture the QR code on the screen.
In this instance, we are using an Android device and have already downloaded the app. Launch the app and enter a username and password for the application.
After creating a logon, click on the "Scan" button and point the device's camera at the QR code on your original machine's screen. The QR code will processed, and the cryptographic information necessary to recover your password in the future will be stored in the app. Click "Ok" to complete the process.
You will now be able to logon to your system.
II - Test the McAfee Drive Encryption Application
If you ever forget your password, all the information necessary to reset it is stored in the app, and you can now use the app to unlock your machine. To test this, we can "forget" our password and use the app to reset it.
If you forget your password, an error message will pop up. Click "Ok" and proceed to "Options" > "Recovery."
There is a new option here, called “Administrator/Smartphone Recovery.” Clicking "Ok” will generate a QR code.
On your mobile device, launch the "McAfee Endpoint Assist" application and unlock it with the passcode you created. Click "Scan" and focus the screen on the QR code. A recovery code will be generated.
The code generated is one that you would normally get by calling the IT helpdesk and reading the string of letters and numbers on the screen. With the McAfee Endpoint Assist app, the need to call the IT helpdesk is eliminated. Click "Next" on your original machine and enter the code from your mobile device in the appropriate fields.
Click "Finish" and create a new password. You can now successfully logon to your system.
You have now reset your password with the need to call the IT helpdesk. The McAfee Endpoint Assist mobile application will hopefully have a positive effect in lowering the operational cost of running an encryption product.