This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Forgot Tamper protection password

Hi,

We are stuck in one scenario at one of our clients place ( 400 endpoint machine ), we do not know the tamper protection password and the SEC server and endpoint connectivity is not there, so we cannot push the tamper policy to the endpoints. 

The only option we have now is to disable the tamper by entering the password manually, but we do not know the tamper protection password. Is there anyway that password is stored somewhere in the endpoint or on the SEC server ?



This thread was automatically locked due to age.
Parents
  • Hello Kandarp Desai1,

    that password is stored somewhere
    for IMO obvious reasons Sophos won't tell you if, and - in case it is - where, and how to derive the clear text from the stored information [:)].

    Please see Sophos Endpoint Defense: How to recover a tamper protected system.

    But do I understand correctly that 400 endpoints are orphaned? Would be quite some task. Why is endpoint connectivity not there?

    Christian

  • Thanks christian for the reply,

    We are thinking of handing over any information to Sophos and let them do the process of decrypting or whatever is the method to get back the password. I still don't know if they will agree to this ?

    Also, we are thinking of using Revo uninstaller to completely remove Sophos incase we do not get any workaround.

    Yes the server is orphaned and its difficult to get it back up.

Reply
  • Thanks christian for the reply,

    We are thinking of handing over any information to Sophos and let them do the process of decrypting or whatever is the method to get back the password. I still don't know if they will agree to this ?

    Also, we are thinking of using Revo uninstaller to completely remove Sophos incase we do not get any workaround.

    Yes the server is orphaned and its difficult to get it back up.

Children