The "Self Destruct" feature is a defense against brute force password hack attempts. DataLocker products (Enterprise, DL3, and Sentry) perform this by "zeroizing" all the device’s encryption keys once a pre-set number of failed login attempts is reached.
Once the encryption key is deleted, the data can not be recovered. Powering off the unit does NOT reset the unsuccessful password attempts counter. Use this feature with caution.
For DL2 users:
When activated, after nine unsuccessful password entries the encryption key is deleted rendering all of the data on the drive inaccessible.
The initiation sequence is: 3 unsuccessful attempts, power down, 3 unsuccessful attempts, power down, 7th unsuccessful attempt and a "Hack Detected" warning message will appear, 8th unsuccessful attempt and a warning will appear again, after the 9th unsuccessful attempt the device self-destructs will initiate.
This feature can be disabled in the "Options" menu which is available immediately after entering your initial password.
For DL3 users:
By default, the DL3 allows 10 failed password attempts before it self-destructs. The user can set the counter to 10-30 attempts through the setup menu. After the drive has self-destructed, the encryption key is deleted rendering all of the data on the drive inaccessible and the drive returns to its default state; the password is 000000.
If the attempt counter is set for 10 attempts, the self-destruct sequence is 5 unsuccessful attempts, power down, 7th unsuccessful attempt and a "Hack Detected" warning message will appear, 8th and 9th unsuccessful attempt and a warning will appear again, after the 10th unsuccessful attempt the device will self-destruct.
For DL4 users:
By default, the DL4 allows 10 failed password attempts before it self-destructs. The admin can set the counter to 10-50 attempts through the setup menu. After the drive has self-destructed, the encryption key is deleted rendering all of the data on the drive inaccessible and the drive returns to its default state.
If the attempt counter is set for 10 attempts, the self-destruct sequence is 5 unsuccessful attempts, power down, 7th unsuccessful attempt and a "Hack Detected" warning message will appear, 8th and 9th unsuccessful attempt and a warning will appear again, after the 10th unsuccessful attempt the device will self-destruct.
For RFID users:
By default, the DL3 gives you 30 attempts to enter the incorrect "Input Tag" before it initiates its self-destruct mode and wipes the drive. This deletes the encryption key rendering all data inaccessible and returns the drive back to its default state and settings. After you input the incorrect "input key" 5 times the DataLocker powers down. You will need to disconnect the drive and reconnect it again, where you will get 5 more attempts, and so on and so forth until you reach the 29th failed attempt when it will display a message warning that if you enter the incorrect "input key" again, the drive will self destruct. Once you have input the 30th incorrect key the drive will power down and output a long beep, which is prompting you to disconnect the drive again. Once you disconnect and connect the drive again you will notice that you will be prompted to initialize the drive and set up a new password again.
For Sentry 3 (NOT FIPS) users:
By default, the Sentry gives you 20 failed password attempts before it self-destructs. After the drive has self-destructed, it erases the encryption key rendering all data inaccessible and the drive returns to its default state, prompting you to create a new password.
For Sentry 3 FIPS users:
By default, the Sentry 3 FIPS gives you 10 failed password attempts before it self-destructs. After the drive has self-destructed, it erases the encryption key rendering all data inaccessible and the drive returns to its default state, prompting you to create a new password.
For Sentry 3 FIPS Managed Device users:
For managed drives that have a remote password policy, on your 9th invalid password attempt, it will require a device recovery password to be entered and it does not wipe data until you enter the wrong recovery password; giving the opportunity for an administrator to be able to recover the data on the device in case the SafeConsole Administrator is able to recover the device. It will also not allow you to submit an invalid password recovery password but will allow you to enter a device recovery password from another device, but if it is not the correct device recovery password FOR THAT DEVICE, the device will then destruct.
For Sentry 3 (NOT FIPS) Managed Device users:
For managed drives that have a remote password policy, on your 19th invalid password attempt, it will require a device recovery password to be entered and it does not wipe data until you enter the wrong recovery password; giving the opportunity for an administrator to be able to recover the data on the device in case the SafeConsole Administrator is able to recover the device. It will also not allow you to submit an invalid password recovery password but will allow you to enter a device recovery password from another device, but if it is not the correct device recovery password FOR THAT DEVICE, the device will then destruct.
For Sentry K300 users:
Self-destruct functionality is enabled by default on the device and cannot be disabled. After 20 incorrect password attempts, the device will wipe all data and return the drive to factory settings. The message “Incorrect Password”, along with the current incorrect password count, will scroll across the screen each time an incorrect password attempt is made. Press Enter to display device information or press any other button to return to the password entry screen. After each 5 consecutive incorrect password attempts, the device will power off. Pressing the Power button will allow the user to continue entering passwords. After 17 and 18 consecutive incorrect password attempts, the message “Brute Force detected! All data will be deleted.” will scroll across the screen. After the 19th attempt, the message “Self Destruct will begin with next failed login” will scroll across the screen. Once the 20th consecutive incorrect password attempt has been made, the device will display “Hacking detected. All data has been deleted.” The device will then power off by pressing any button. Note: After the 20th incorrect password attempt, all data is wiped from the drive and it will be reset to factory settings. The drive will need to be reinitialized upon the next use.
For K350 users:
By default, the K350 allows 10 failed password attempts before it self-destructs. The admin can set the counter to 10-50 attempts through the setup menu. After the drive has self-destructed, the encryption key is deleted rendering all of the data on the drive inaccessible and the drive returns to its default state.
If the attempt counter is set for 10 attempts, the self-destruct sequence is 5 unsuccessful attempts, power down, 7th unsuccessful attempt and a "Hack Detected" warning message will appear, 8th and 9th unsuccessful attempt and a warning will appear again, after the 10th unsuccessful attempt the device will self-destruct.