To enter maintenance mode, you need to restart your system with request restart system in operational mode or look out for bootloader message that looks like below:
Enter 'maint' for boot menu. Booting PANOS (sysroot0, sda) after 5 seconds... Entry: maint
Type maint after 5 seconds the grub bootloader will appear:
GNU GRUB version 0.98 (631K lower / 3668608K upper memory)
+-------------------------------------------------------------------------+
| PANOS (maint, sda) |
| PANOS (maint, sdb) |
| PANOS (sysroot0, sda) |
| PANOS (sysroot0, sdb) |
| |
| |
| |
| |
| |
| |
| |
| |
+-------------------------------------------------------------------------+
Use the ^ and v keys to select which entry is highlighted.
Press enter to boot the selected OS or 'p' to enter a
password to unlock the next set of features.
Choose the first partition PANOS (maint, sda), you will enter the maintenance mode that looks like this:
Booting 'PANOS (maint, sda)'
root (hd0,1)
Filesystem type is ext2fs, partition type 0xfd
kernel /boot/vmlinuz ro root=/dev/md2 console=ttyS0,9600n8 init=/sbin/init_main
t quiet
[Linux-bzImage, setup=0x3000, size=0x21f070]
INIT: version 2.86 booting
Welcome to PanOS
Setting clock (utc): Tue Dec 11 00:28:39 PST 2012 [ OK ]
Starting udev: [ OK ]
Setting hostname PA-5050: [ OK ]
Checking filesystems:
Running filesystem check on pancfg: [ OK ]
Running filesystem check on panrepo: [ OK ]
[ OK ]
INIT: Entering runlevel: 3
Entering non-interactive startup
Starting Networking: [ OK ]
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]
Starting portmap: [ OK ]
Starting NFS statd: [ OK ]
Starting panhttpd: [ OK ]
Starting sshd: [ OK ]
Starting ha-sshd: [ OK ]
Starting xinetd: [ OK ]
Starting ntpd: [ OK ]
Starting NFS services: [ OK ]
Starting NFS daemon: [ OK ]
Starting NFS mountd: [ OK ]
Starting PAN Software: [ OK ]
Welcome to the Maintenance Recovery Tool
Welcome to maintenance mode. For support please contact Palo Alto
Networks.
866-898-9087 or support@paloaltonetworks.com
< Continue >
Q=Quit, Up/Down=Navigate, ENTER=Select, ESC=Back
You will be shown to a menu of what you want to do:
Welcome to the Maintenance Recovery Tool
< Maintenance Entry Reason >
< Get System Info >
< Factory Reset >
< Set FIPS Mode >
< Set CCEAL4 Mode >
< FSCK (Disk Check) >
< Log Files >
< Disk Image >
< Select Running Config >
< Content Rollback >
< RAID >
< Set IP Address >
< Diagnostics >
< Debug Reboot >
< Reboot >
Q=Quit, Up/Down=Navigate, ENTER=Select, ESC=Back
Factory reset
WARNING: Performing a factory reset will remove all logs and configuration. Using Image: (X) panos-4.1.6 < Factory Reset > < Advanced >
You enter factory reset to restore the firewall to factory default, there was a scrub option however I think it is in Advanced option, the scrub will erase everything including PanOS. The Advanced option is password protected which I think is a great idea, if a reset with scrub is really necessary it should be done by Palo Alto Networks Engineers and not the users. If the PanOS is erased the firewall has to be sent for RMA anyway.
Content Rollback
This option is to revert to the previous PanOS you have installed. This can be done safely over the web user interface.
cyruslab 
Does a factory reset remove any licenses that are installed as is the case with buying an appliance second hand and not knowing the login/password? Thanks in advance.
Yes, Factory Reset would remove all license that are installed and login/password.
From maint could it be posible to change one of the Interfaces MAC Address
I want to know if Factory Reset will delete any updates installed ?
Thank you very much