HOW TO: Encrypt a Disk with WDE Administrator Passphrase by Default


Article ID: 156206


Updated On:


Symantec Products


Need to add the WDE Administrator to User Access List to the PGP Disk in PGP desktop via a PGP Universal policy.  The PGP WDE Administrator login provides administrator to access user's systems which are PGP Whole Disk Encrypted.

If an administrator needs to perform maintenance or other tasks on a user's system, the PGP WDE Administrator allow's to login with the passphrase defined in the policy.  Use the PGP WDE Administrator passphrase to log in to a user's system at the PGP BootGuard screen.


  1. Log into the PGP Universal Server administrative interface.
  2. Select Consumers > Consumer Policy then click the desired policy.
  3. Click the Desktop button next to PGP Desktop.
  4. Select the Disk Encryption tab (last tab in the menu) and place a check mark in the box next to Encrypt WDE disks to a Disk Administrator Passphrase.
  5. Click Save.



Note: If you have systems that have been encrypted with PGP WDE, you do not need to re-encrypt those disks in order to add the PGP WDE Administrator to the User Access. The key will be pushed down to the clients during the next policy update.


At the PGP BootGuard screen, log in using the WDE Administrator credentials as listed below:

  • Login: WDE Administrator
  • Passphrase: <Defined in the policy>
  • Domain: Local


Applies To

PGP Universal Server

Managed PGP Desktop client