0131 553 9006

28 Crighton Place
Leith Walk Edinburgh EH7 4NY

Recovery from Encrypted WD Passport Drive


We received a few days ago a Western Digital (WD) Passport drive in for recovery where the customer had forgotten the unlock password. Although it is a very common drive and we see quite a few of them in for recovery, not many people realise that these drives actually have a self-encrypting feature that means all data is scrambled with an encryption key by default.  These drives are basically known as Self Encrypting Drives (SED).     Strangely enough, the self-encryption function usually only poses a problem for recovery if the original drive gets damaged as the data, even if it could be extracted from the drive, would be just gibberish without the encryption key.  This key is locked into a protected area of the drive and is usually accessible only by the drive itself, and not the user.

Basically, if the drive is in good condition and not damaged, the access to the data should be seamless.

The other reason why sometimes access isn’t possible on these drives is when the customer forgets the access password or doesn’t remember setting one.  This is the case here.

So what to do?

Conversion from USB to SATA


Data Recovery via USB is possible on some drives.  We prefer a SATA interface which allows for greater control and speed which is important as sometimes Data Recovery is a race against time as drives that are faulty or damaged can fail at any time.   In this case, despite the drive not being damaged, the best thing to do is to convert the drive to a SATA interface which allows us to get it to talk to our Recovery System.

To do this, we need to find a compatible PCB (green) board from a suitable SATA Drive.  In this case, we have found a PCB match from another WD Drive (1TB).



Hard Drives have software unique to the particular drive held in different locations on the drive platters, but for the PCB transfer to work the information in the ROM chip (in red), on the original USB PCB needs to be also transferred to the Donor SATA PCB.  It can be done in 2 main ways.  Physically desolder the chip and move it over, or our preferred method, to read the ROM chip using our hardware.


Terminal Connection to Read ROM info
Reading ROM into PC3000 WD utility


Once the ROM was read from the original, it’s contents are copied over to the Donor board using the same method.  Once complete, the newly reprogrammed PCB is then simply screwed to the Original Drive.


We now have a working converted USB Passport drive that we have converted to SATA.

Removal of Security Restrictions and Decryption of Data

The Drive is now ready to be worked on by our advanced Acelabs PC3000 system. The PC3000 actually has a specialised utility to work on WD drives.    Despite the security lockouts, we can make changes to the low-level drive software using the PC3000 which effectively disables the security restrictions that prevent us access normally to the SED drive.  These steps will be detailed in another post as they are quite lengthy.

Effectively,  once the lockouts are disabled, the data can be easily read and copied off.  Despite being now allowed access, the data sectors by default are all still encrypted.  Thankfully, the PC3000 system can actually detect the type of encryption and strip it out while copying “on-the-fly”.

After the copy process is complete, the decrypted data files are then fully accessible.

Another job was done.