HOWTO Use the Symantec Drive Encryption Windows Recovery Disk Image


Article ID: 181595


Updated On:


Drive Encryption




One method of decrypting a drive encrypted with SED (Symantec Drive Encryption) for Windows is to use the Recovery Disk Image. This image is named bootg.iso and is included with SED. After SED is installed it can be found in the following folder:

  • Windows x64: C:\Program Files (x86)\PGP Corporation\PGP Desktop
  • Windows x32: C:\Program Files\PGP Corporation\PGP Desktop

Images are also available on the Symantec Knowledge Base.

Using the recovery disk should be considered a last resort because it is a 16-bit process and decryption will be extremely slow. You should be prepared for decryption to take place at a speed as slow as 2 GB per hour.

Much faster options include "slaving" the disk to another machine running SED or building a WinPE image.

The procedure for using the recovery disk is as follows:

1. Burn the ISO image to a CD.

2. Ensure the machine's BIOS is configured to boot from CD.

3. Ensure you see the following screen to confirm you have booted from the recovery disk and press any key:

Initial screen

4. If you are using Simple bootguard authentication you will see the following screen. Here you can enter a valid passphrase or a WDRT (Whole Disk Recovery Token). If you have a token you can enter its PIN:

simple authentication

5. Press F4 to use answers to self-recovery questions. You will also need to press F4 if you are using Detailed bootguard authentication and wish to use a WDRT:

F4 screen

6. To use a WDRT simply type it and press the Enter key:


7. If you successfully authenticate you will see a screen that gives you the option of pressing "D" to begin decryption or any other key to attempt to boot into Windows.

8. If you press D to decrypt, decryption progress will be shown. Please note that progress will be very slow:


9. After decryption is complete the system will automatically boot into Windows:

Logon screen