Video Screencast Help
Give us your opinion and win with Symantec! Please help us by taking this survey to tell us about your experience with Symantec Connect, so that we can continue to grow and improve.  Take the survey.

Unlock External PGP WDE Disk

Created: 05 Nov 2013 • Updated: 06 Nov 2013 | 3 comments
This issue has been solved. See solution.

I have a hard drive with WDE enabled. I removed the drive and hooked it up externally to another machine running the PGP Desktop software. As soon as I connect it, I get a message to unlock the disk. However, none of my passphrases work that were configured for that disk. I cannot seem to get this disk unlocked.

Operating Systems:

Comments 3 CommentsJump to latest comment

_Adam_'s picture

1) Did you try to use a WDRT on bootguard to unlock the drive ?

Using Whole Disk Recovery Tokens

2) I am right thinking that the drive which you hooked up in externally to another machine is not a "removable external drive" - ? if this could be a case an "encrypted removable external drive" would not work on other machine as the session key is always saved locally on PGPWDE01 on local machine. Otherwords your drive would not be visible on the other machine (which from the post I guess it is not the case)

While having the drive hooked up externally can you run the following commands please and post the feedback:

Windows x64

C:\Program Files (x86)\PGP Corporation\PGP Desktop>pgpwde --enum

Windows x32

C:\Program Files\PGP Corporation\PGP Desktop>pgpwde --enum


C:\Program Files (x86)\PGP Corporation\PGP Desktop>pgpwde --status
C:\Program Files (x86)\PGP Corporation\PGP Desktop>pgpwde --list-users

It can be that the disk is locked if the policy was setup to locked out the disk after X failure attempts on bootguard.

Try also the below command:

C:\Program Files (x86)\PGP Corporation\PGP Desktop\pgpwde.exe --unlock --disk 1 --wdrt "WDRT HERE" or --ap "admin passphrase here"

if/when you consider your issue is resolved, please click "Mark As Solution" on a response
spitty's picture

We are not using PGP Universal Server, so not sure if I can do the token method.

I was able to get it to work using the -ap switch you suggested. Once I did this, the drive showed up in WIndows Explorer as an unformatted disk. Then, I went into PGP DEsktop, and I was able to see the user list on the drive and change the passphrase for the admin account on the drive. Once I did this, I was able to unlock the disk though PGP Desktop and gain access to the filesystem.

Thanks for your help!

_Adam_'s picture

Thank you spitty, so if the issue is resolved - please "Mark as solution" as this will help others with the same issue as yours.

if/when you consider your issue is resolved, please click "Mark As Solution" on a response