User Manual
20
21
Lock-Override Mode
Certain users may encounter a case where they need the key to remain
unlocked during a reboot, passing the key through a virtual machine or other
similar situation which, under normal circumstances, would cause the key to
lock. To help facilitate this use case, “Lock-Override Mode” will allow the key
to remain unlocked through USB port re-enumeration and will not lock again
until USB power is interrupted.
NOTE: When in this mode, the key is vulnerable to being moved from one
computer and connected to another computer provided USB power is
uninterrupted. Due to this vulnerability, we strongly recommend this mode be
used ONLY in circumstances where the key can be physically secured (as in
a locked Server Room) or in a place where it can be visually monitored while
in this mode. Use of a powered hub or a Y-cable increases this security risk.
Always return the key to the default Lock-Override Mode OFF when
returning to normal service.
To set the “Lock-Override” to On:
1. Enter the Admin Mode (Press and hold + 0 for ve seconds until the
RED LED blinks, then enter the Admin code and press the button.) The
BLUE LED will glow solidly.
2. Press the 7 + 1 together until the GREEN LED blinks three times,
followed by the BLUE LED glowing solidly.
3. When the key is unlocked and attached to a USB port in “Lock-Override
Mode”, the BLUE LED will blink once every three seconds to alert you
that the “Lock-Override” mode is active.
Note: If “Unattended Auto-Lock” mode has been turned on, “Lock-Override”
will not override it; the key will lock itself upon reaching the selected amount
of inactivity. If you need the key to stay unlocked, Enter the Unattended
Auto-Lock Feature and set the lock timer to “0” (0 = OFF) See Page 10.
To turn Lock-Override Mode off and return to normal operation:
4. Enter the Admin Mode.
5. Press the 7 + 0 together until the GREEN LED blinks three times,
followed by the BLUE LED glowing solidly.
6. To verify, unlock the key in User mode and check that the BLUE LED is
no longer blinking.
FAQs
This section contains troubleshooting information for the Aegis Secure Key. More can
be found in the FAQs section on apricorn.com
Q: What can I do if I forget the User PIN?
A: Use the Admin PIN to enter the Admin Mode and create another User PIN or (if
programmed at conguration) utilize one of the data recovery PINs programmed
into the device to create a state of User forced enrollment. Once a new user PIN is
created, the User will be able to regain access the device’s data.
Q: What can I do if I forget the Admin PIN?
A: In the case of forgotten Admin and User PINs, if data recovery PINs were
programmed into the drive at the time of setup, then you can use one of them to
create a state of User Forced Enrollment and generate a new User PIN to gain
access to (and back up) the drive’s contents. Once complete, you must then perform
a complete reset of the Aegis Secure Key where all PINs and data will be erased and
you will need to recongure / reformat the Aegis Secure Key, creating a new Admin
PIN which will allow you to reload the previously backed-up data onto the device.
Q: How do I use the Aegis Secure Key without a PIN?
A: As a full disk encryption product, the Aegis Secure Key can never be used without
a PIN.
Q: What encryption algorithm is used in this product?
A: The Aegis Secure Key uses AES 256-bit algorithm.
Q: The LED is blinking RED and I can’t enter a code. Why?
A: Somebody has tried to access the key and the code has been entered 10 times
incorrectly (see the Brute Force section of this manual.)
Q: Why does the LED indicate an error when I try to change the PIN?
A: PIN requirements for this key must meet a minimum security level. There are
several combinations that are not allowed, such as repeating numbers or sequential
numbers. The PIN must be a minimum of seven digits, and not longer than 16 digits.
Q: What are the ECCN and HST codes used for shipping this device outside
of the United States?
A: ECCN: 5A992.c and HTS code 8473.50.3000