Does a BIOS password protect the contents of my laptop?

Read the article that everyone's commenting on.
Subscribe to the RSS Feed for comments on this article.

I use TrueCrypt for containers, but I've so wanted to encrypt my entire drive for some time. However, the one drawback I can't seem to find a way around is how do I enter the password to allow the system to boot if I am rebooting my system remotely? I can't find a way around that. If anyone has any ideas, I would gladly entertain them.

We use BIOS passwords on our home computers to prevent the kids from using their computers without our permission.

But, as we tell our customers (paraphrasing you), "if it's not physically secure, it's not secure".

I have a BIOS password on my laptop to encourage a non-tech thief to call me for return, with a reward promised. Perhaps he would be encouraged to do so, rather than waste his time trying to get in for use.

Sometimes there is a disk password which typically prevents access unless you have the password (part of the ATA standard IIRC). It does not, however, encrypt the disk. Some info on it can be found at http://en.wikipedia.org/wiki/Advanced_Technology_Attachment#HDD_Passwords_and_Security

Only 768 megs of RAM, Leo? Wow,you are rockin' it old-school style!

As someone pointed out, this is a virtual machine, on my 8 gigabyte desktop machine.

23-Dec-2009

As a side note, you can remove the CMOS battery if you have access to the machine and that will also clear the password

Ted,

I thought the same thing initially, but Leo states immediately after the screenshot that it's a virtual machine. Typically, on a virtual machine, you don't allot too much memory or your main system won't have any to use. I typically use 768 on my VM's too...unless it's Windows and then you'll want to use a little more (IMHO).

@Rob,

On my machine, I have a BIOS boot password. After that is entered successfully I must then enter the HDD access password to access the Hard Drive. If someone was to remove the CMOS battery or use the jumper reset on the motherboard, then at next boot-up, the BIOS will first ask for the Serial Number of the board and for the Boot-Up Invasion password. I also have a small 9-volt battery encased in the power unit which provides power to the BIOS if the CMOS battery is removed.

As a side note, the reason I have such exorbitant protection before even reaching the OS is because the computer contains sensitive company information and these security measures are needed.

If security was important, you shouldn't have mentioned the 9V battery backup. 9V batteries do not last forever. Why are we still using CMOS memory, when Flash memory last 10 years with no electricity.

I agree on most of the points set up by Leo but I think that does not hold good for the newer ones.

Especially portable machines are encrypted with passwords that are stored in another chip other than the BIOS. CMOS battery removal will not reset them. You will have to contact the manufacturer of the PC / Laptop & prove your identity upon which they will probably give you a master password which will reset it for you. Maybe you will have to send it back to the Company from whom you purchased the machine to get the Bios password reset. And in the process you may have to pay a lot.

Ravi.

All the while the hard disk could be placed in another machine and its contents accessed.

23-Dec-2009

To post a comment on "Does a BIOS password protect the contents of my laptop?", please return to that article's main page.