PGP File and Disk Encryption

使用Symantec加密桌面加密计算机的硬盘驱动器

To protect your secure data from unauthorized access, you can use PGP Desktop to encrypt your hard drive. When you encrypt an entire disk using the PGP Whole Disk Encryption feature, every sector is encrypted using a symmetric key. This includes all files including operating system files, application files, data files, swap files, free space, and temp files.

On subsequent reboots, PGP WDE prompts you for the correct passphrase. Then the encrypted data is decrypted as you access it. Before any data is written to the disk, PGP WDE encrypts it. As long as you are authenticated to your PGP WDE-encrypted disk (after you have entered the correct passphrase at the PGP BootGuard screen), the files are available. When you shut down your system, the disk is protected against use by others.

For information on how to install PGP Desktop, click这里。

Set up whole disk encryption

  • 您必须在最新版本,10.3.0。
    • 旧版本称为PGP桌面,新版本称为Symantect加密桌面。
    • To check the version of either application, open the application and go to Help > About.
    • 您应该运行Symantec加密桌面10.3.0。
  • Make sure your computer's power adapter is plugged in.
    • 在加密处于进程时失去权力可能会导致您的文件无法恢复。
  • 确保您为此过程分配了几个小时。
    • 加密过程通常需要8小时。
    • 在此运行时,您仍然可以使用计算机,但它将比平常运行较慢。
    • 考虑将其留到过夜或时间延长时期的时间。
With an average system, an 80 GB boot disk or partition takes approximately three hours to encrypt using PGP Whole Disk Encryption (when no other applications are running). A very fast system, on the other hand, can easily encrypt such a disk or partition in less than an hour.
You can still use your system during encryption. Your system is somewhat slower than usual during the encryption process, although it is fully usable.
  1. Close all programs you don't need. This will reduce the time needed for the encryption process to run.
  2. Open Symantec Encryption Desktop by going toStart > Programs > Symantec > Symantec Encryption Desktop.
  3. ClickPGP Diskon the left.
  4. Click加密Whole Disk or Partitionon the right.
  5. If you are not planning to use the computer during the encryption process, check the box next toMaximum CPU Usage。这将以降低计算机性能的成本加速该过程。
  6. ClickNew Passphrase User...在右下方。
  7. ChooseUse Windows Password.Click下一个
  8. Choose仅使用密码短语身份验证
  9. If you login to the computer with your Domain Account,
    • 在相应字段下输入您的Wellesley域名和密码。
    • Make sure thatWELLESLEY输入域字段中,单击结束
  10. If you login to the computer with a local account,
    • 输入您用来登录到各个字段下的计算机的用户名和密码。
    • Make sure the Domain field is theComputer Name, 点击结束
    • Go back toStep 6to add your Domain Account as an additional user.
  11. 提供多个用户访问登录计算机,
    • Each person that needs access, needs to be present as they will need to enter their password. You can add additional users later if you wish, by following the same process, starting from Step 6.
    • 返回步骤6并添加帐户。
    • 如果系统提示您输入密码短语,则需要输入已添加到此部分的帐户的密码。
    • 这不是您的PGP密码,尽管弹出窗口似乎询问。
  12. Click加密在右上角。在流程完成之前,请勿关闭计算机。在加密过程中,您的系统可能比平时慢,但它是完全可用的。当加密过程完成时,它会恢复正常操作。
  13. Once the process is finished, your disk will be encrypted. You will be required to enter your passphrase whenever you log into your computer or your computer goes into sleep mode.

Logging in to an encrypted laptop

  • 加密笔记本电脑后,当您在计算机上重新启动或电源时,您现在将看到像下面的灰色屏幕:
    灰色屏幕
  • 输入您通常用于登录计算机上的Windows的密码。当您成功登录时,它将自动为您注销Windows。
  • 如果更改密码,则需要遵循以下路线以更新登录信息,因为它不会与我们的系统同步。
  • 如果您忘记了密码或无法登录,请联系服务台。

Changing your Domain Password in Whole Disk Encryption

在更改Wellesley密码重置页面上更改域密码后,您需要使用新密码更新PGP整个磁盘加密。
This requires another faculty or staff member with a Wellesley Domain Account present.(PGP does not work with student Domain Accounts)
  1. When you power on the computer, in the PGP WDE login screen, enter your old password. This will get you through the PGP WDE login. When Windows tries to log you into the computer, it will fail and the user will be listed as your name with SSO after it. Click Other User and login with your Domain Account.
  2. 您现在应该在您的Windows桌面上。从通知区域的灰锁图标中启动Symantec加密桌面,或启动>所有程序> Symantec加密> Symantec加密桌面。
  3. Click on PGP Disk on the left, then Encrypt Disk or Partition on the right. You should now see a list of at least your username under User Access.
    • 如果存在的其他人已在用户访问权限下列出,请跳至下一步。
    • If the other person present is not listed under User Access, click New Passphrase User, select Use Windows Password and click Next, click Next again, and then have them enter their Domain username and password in the fields provided, click Next, click Finish. When prompted for a passphrase to unlock the disk, enter your NEW Domain password and click OK.
  4. 单击用户访问下列表中的用户名,然后单击左侧的删除用户。出现提示时输入您的新域密码,然后单击“确定”。
  5. 单击新密码短语用户并添加您的帐户。单击“新消键”用户,选择“使用Windows密码”,然后单击“下一步”,再次单击“下一步”,然后让它们在提供的字段中输入其域用户名和密码,单击“下一步”,单击“完成”。当提示密码才能解锁磁盘时,让另一个人存在输入他们的域密码,然后单击“确定”。
  6. 如果您不希望其他用户可以访问您的计算机,请通过单击列表中的用户名从用户访问列表中删除它们,然后单击右侧的“删除用户”按钮。出现提示时输入您的新域密码,然后单击“确定”。