Sophos Central Endpoint and SEC: Computers fail/hang on boot after the Microsoft Windows April 9, 2019 update. Please follow knowledge base article 133945

Learn about the Benefits of Multi-Factor Authentication (MFA). Turn your MFA on now!

Sophos 5.6 console - forgot password and MSO, any way to recover?

Hi All,


If user forgot the SGN console password, is there any way to do recovery or DR?




  • Do you still know the DB creds?

    I don't know if possible but I would be leaning towards installing a newer version backend and doing an upgrade on the DB.

    Are there no other Security Officers setup? Did you add any domain based SO's?


  • In reply to MichaelMcLannahan:

    We're still figuring out what left that can be salvaged/used to recovery


    AFAIK none of these info available.... but will revert back



    I saw in an older thread....we need MSO and certificates backup right?


  • In reply to Ins007:

    Hello Ins007,

    To get back in you'll need to reset the Certificate KeyStore (MSO) Password, you can do this as follows:

    1. Open the SafeGuard Certificate Manager
    2. Click the 3rd button in from the left (that says "Reset RSA private key store" when you hover over)
    3. Enter a new password and confirm
    4. Now login to the SafeGuard Management Centre and you'll be asked where the MSO certificate is
    5. Choose Yes to supply the certificate and browse for the key file (this is the .p12 file that was saved initially when creating the certificate during your installation)
    6. In the first box enter the password that was used to protect the certificate
    7. In the second box enter the password for the Certificate Store (this is the password that was just reset)
    8. Click OK and the .p12 file will be saved to the users certificate store

    You should now be able to login.

  • In reply to Toby_DataEncryption:

    As of steps no 6


    6. In the first box enter the password that was used to protect the certificate


    This would require the password when it was originally set right?


    What if we don't have this password as well? Provided we still have the .p12 file and db copy....

  • In reply to Ins007:

    We just checked..... indeed we have certificates and db copy.


    however none of the password available @ given works.... any idea how to do recovery on this or it's considered 'dead' ?



    thanks again

  • In reply to Ins007:


    I am afraid we can rest the Certificate store password but not the Certificate's password. That is highly essential without which we may not be able to access the console at all despite having a db backup too!