Full Disk Encryption (FDE)
The Office of Information Technology (OIT) provides full disk encryption for all new or reimaged PSU-owned desktop and laptop computers. Encryption is a way of providing greater security for your files by turning them into scrambled code that can't be read by unauthorized users. This helps protect your sensitive data, and is especially valuable if your device is lost or stolen.
With an encrypted hard drive, you still log on to your computer and work as usual. The only difference is on Windows laptops, which will prompt you to enter a Personal Identification Number (PIN) when the computer is powered on. Windows desktop and Mac computers do not require a PIN.
On this page
macOS
Encrypt Your Mac Laptop
PSU-owned Mac laptops running macOS 10.10 and higher have encryption enabled by default. If you need an exception made for your computer to turn off encryption, contact your Departmental IT Support. If your department is not listed, contact the Helpdesk.
Troubleshoot Login Issues on Your Mac Laptop
If you have not logged on to a particular Mac laptop before, you will need to be added as a FileVault user. Contact the Helpdesk for assistance.
If you are having trouble logging on to a Mac laptop you have used before, or if you have forgotten your Odin password, try the steps below to log on:
Turn on your laptop.
From the startup screen, select your account.
Click the help button
. If you created a password hint, it will be displayed.
Enter your previous Odin password (the last password you had before your current one).
If you are presented with another login window, enter your current Odin password to log on. Your password should sync right away and you should be able to use your current Odin password to log on next time.
If you are not presented with another login window and go straight into your desktop, ensure that you are either connected wirelessly to PSU Secure or connected with an ethernet cable to a working network port. Your passwords should sync within 5-15 minutes of logging in.
If you still cannot sign in, continue to the next step.
Connect your laptop to the PSU campus network with an Ethernet cable.
Try to log on to your account from the login window.
If you can successfully log on, your passwords should sync and you should be able to use your current Odin password to log on next time.
If you still cannot sign in, contact the Helpdesk for assistance.
Windows
Encrypt Your Windows Desktop
In most cases, OIT will enable encryption on new Windows desktops by default. To verify that Full Disk Encryption is turned on, open File Explorer, then access This PC. If Full Disk Encryption is enabled, you will notice a lock icon on the C drive. Windows desktop computers do not require a PIN.
Encrypt Your Windows Laptop
In most cases, OIT will enable encryption on new Windows laptops by default. You will need to personalize your encryption setup with a Personal Identification Number (PIN).
Follow these steps to set up your PIN:
Log in to your new laptop with your Odin username and password.
When you encounter a prompt that says "Create PIN for C:", enter a PIN that follows the guidelines below:
Must be 4-20 characters
May contain letters and numbers
Will be case sensitive ("password" is different than "PaSSworD")
Don’t use any existing passwords (like your Odin password).
Re-type your PIN in the Confirm PIN field.
Select "Create PIN".
Note: You should memorize your PIN and avoid writing it down. If you must write it down, keep it on your person and never leave it where someone else could read it. Only share your PIN with the people allowed to use your laptop.
Unlock Your Windows Laptop or Tablet
The encryption software will prompt you for your PIN when you restart your Windows laptop or restore it from a hibernation state. Enter your PIN when prompted, then log in as usual. You should always lock your screen whenever you step away from your computer, and you will not be asked for your encryption PIN to unlock it.
Tablets do not have an on-screen keyboard during boot up, therefore you must have a keyboard or a USB keyboard to unlock a tablet.
Reset the PIN for Your Windows Laptop or Tablet
If you’re unable to log in to Windows because you have forgotten your PIN, you can follow the directions below to unlock the computer using the Self-Service Portal, and then create a new PIN. Alternatively, you can contact the Helpdesk for assistance.
Recovering Your Locked Device
When your computer asks for the encryption PIN, press Esc once on your keyboard.
On the next screen, locate the Recovery Key ID and record the first 8 characters. Leave this screen up on the computer.
Using another (non-locked) computer, go to the Self Service Portal and sign in with your PSU Odin account.
Note: The Self-Service Portal can only be used if you have previously signed in on your locked computer.Read the notice, then select the box beside "I have read and understand the above notice."
Select Continue.
On the next screen, enter a minimum of 8 characters of the Recovery Key ID and select a reason (i.e. Lost PIN).
Record the 48-character Recovery Key.
Return to the locked computer and enter the 48-character Recovery Key.
Press Enter.
Reset Your PIN on an Unlocked Device
Select one of the following two methods to reset your PIN:
Open the Start Menu and select Computer.
Right-click on your encrypted hard drive (usually C:).
Select "Change BitLocker PIN".
In the dialog box that appears, create a new PIN and then type it again to confirm it.
Press the "Change PIN" button.
OR
Open the Start Menu and select Control Panel.
Select "BitLocker Encryption Options" in the Control Panel.
Select the link that says "Manage your PIN".
In the dialog box that appears, create a new PIN and then type it again to confirm it.
Press the "Reset PIN" button.