In our environment we have the polices setup to use preboot authentication before the OS. And do not sync the preboot authentication password with the OS.
Then if the user forgets their check point full disk encryption password they have to call in for a WebRH (web remote help challenge/response) to reset it.
Lets say hypothetically (hopefully never happens) the servers WebRH site goes down for a period of time...due to server issues... we have physical hardware Tokens that provide a Challenge/Response setup for one-time logins BUT is there any way once logged in to the OS to then manually reset the users account check point password???? Ie: Registry hack?? Etc.
The good old days of the older Pointsec versions which was not server-based once logged in with the physical hardware token you COULD then manually reset the users password from the Point Mananagement Console.
When I look at the E80.62 task bar GUI there is no option to change the users password from there, probably due to being logged in with the hardware token account not the actual user....
But still wondering if there is a workaround.