cancel
Showing results for 
Search instead for 
Did you mean: 
Arghs
Level 7
Report Inappropriate Content
Message 1 of 5

Offline Self-Recovery

Hi All,
Just been looking at whats new in build 5500.
I noticed one major new feature is offline self-recovery.

I'm guessing this is something along the lines of the user selects additional questions/answers to their profile, and if they do forget their password, they can use this to reset it? Is that correct?

Has anyone actually had a chance to play around with this yet? Thoughts?

Thanks.
4 Replies
Reliable Contributor SafeBoot
Reliable Contributor
Report Inappropriate Content
Message 2 of 5

RE: Offline Self-Recovery

I like it, but then I'm a security guru.

The safety and usefulness is arguable both ways - an attentive user will give solid answers to their questions in a way which is not easily guessed, an inattentive user will give simplistic answers that are easy for a hacker to determine.

So, do you trust your users to set it up appropriately, or are they going to give the answer "Monday" to every question?
CClev
Level 7
Report Inappropriate Content
Message 3 of 5

RE: Offline Self-Recovery

The questions are configurable though, right? So all you would need to do is construct a single highly complex question that requires the user to type a similarly complex answer. Something like... "Describe the benefits of encryption using fifteen words or less."
Reliable Contributor SafeBoot
Reliable Contributor
Report Inappropriate Content
Message 4 of 5

RE: Offline Self-Recovery



Your user's forgotten the password they use EVERY DAY, what chance is there of them remembering a set of answers they entered months ago? :eek:
CClev
Level 7
Report Inappropriate Content
Message 5 of 5

RE: Offline Self-Recovery

I was looking for some additional info on how the user self-reset works, as far as "policies" go... I checked the EndPoint Encryption Admin Guide for PC but didn't find much in there. Is there a way to configure the user self-recovery policy such that x number of failed questions will result in the account disabling, or even the laptop disabling? I would love to use this feature but can't convince Security to allow it without some additional safeguards. sad