To use
Drive Encryption Self-Recovery
to bypass preboot authentication for BIOS-based systems

  1. At the preboot authentication screen, in the
    User name
    field, type your user name.
    On touchscreen devices, you activate the virtual keyboard by tapping a text field. You can navigate around the preboot authentication screen by pressing the Tab key to select different fields on the form. Alternatively, tap a field or button to activate it.
  2. In the
    Domain
    field, select the domain that your account belongs to.
  3. Press or tap F4.
  4. In the screen that appears, select
    Self Recovery
    .
  5. Press or tap Enter.
  6. Answer the first security question displayed. Type the answer and press Enter.
  7. Continue to answer the questions.
    You must answer all questions correctly to bypass preboot authentication.
  8. When you have answered the questions correctly, the Windows operating system starts.
  9. (Optional) At the welcome screen, press
    Ctrl+Alt+Del
    .
  10. If you are a password-based user and your computer is connected to your organization's Active Directory domain, perform one of the following:
    • At the Windows login prompt, enter your new Windows password that you have received from your local administrator.
    • On the password reset screen, in the
      New Password
      box and the
      Confirm Password
      box, enter the new password that you want to use. Your current password is automatically populated in the
      Old Password
      box.
      This screen appears only if your policy administrator has enabled the Windows Password Reset feature for your computer.
      When you reset your Windows password, it must adhere to your company rules for password length, complexity, and so on.
    Drive Encryption then registers you with the new Windows password. You can use the new credentials for preboot authentication the next time you start your computer.
    Alternatively, if your computer is not connected to the Active Directory domain, you are logged in to Windows directly. To change your Windows password later, you can repeat this procedure when you have a working connection.
    If your computer takes too long to connect to the Active Directory domain after Windows starts, the Windows Password Reset feature logs you in to Windows directly. For example, you might experience this behavior if your computer takes too long to connect to a Wi-Fi network.
  11. If you are a token-based user, select your existing Windows account and log in with your new or rekeyed smart card. A successful Windows login triggers Drive Encryption to silently reregister you with the new smart card credentials.