When tamper protection is enabled, you must enter the tamper protection password if you want to configure on-access scanning, configure suspicious behavior detection, or disable tamper protection. You must be a member of the SophosAdministrator group to do this.

You need to enter the tamper protection password only once after you open Sophos Endpoint Security and Control. If you close Sophos Endpoint Security and Control and then open it again, you will need to enter the password again.

If you want to uninstall any of the Sophos Endpoint Security and Control components, you must enter the tamper protection password before you can disable tamper protection and then uninstall the software.

If tamper protection is disabled but the tamper protection password has been set previously, you must enter the password before you can re-enable tamper protection.

You will need to enter the tamper protection password to enable tamper protection if:

• You have previously enabled tamper protection, created a tamper protection password, and then disabled tamper protection.
• A tamper protection password has been created in the management console, but tamper protection is not enabled.