
How safe is my BIOS Power-on Password?



Guest pat_mc
Posted

Hi -

 

A short while ago I learnt that if I transfer my data from an NTFS to a

FAT32 harddrive I lose all my security features on the files.

 

Since I use a BIOS power-on password to protect the data on my laptop I

am now wondering if there is any point to doing so at all. Could an

unauthorised person not simply access my PC with a bootable Linux CD

such as Knoppix and copy all of my files over to a FAT32 external

drive?

 

Or will BIOS be smart enough and prevent the evil-doer from doing this?

If yes, how? If no, is there anything else I can do to be safe against

data theft in case of laptop theft?

 

Thanks in advance for your advice.

 

Pat

 

 

--

pat_mc

Guest Pegasus (MVP)
Posted

Re: How safe is my BIOS Power-on Password?

 

 

"pat_mc" <p_surname@hotmail.com> wrote in message

news:pat_mc.36zpz6@no-mx.tabletquestions.com...

>

> Hi -

>

> A short while ago I learnt that if I transfer my data from an NTFS to a

> FAT32 harddrive I lose all my security features on the files.

>

> Since I use a BIOS power-on password to protect the data on my laptop I

> am now wondering if there is any point to doing so at all. Could an

> unauthorised person not simply access my PC with a bootable Linux CD

> such as Knoppix and copy all of my files over to a FAT32 external

> drive?

 

Not with a BIOS password. However, it's fairly easy to remove

the hard disk and read its contents on a different machine.

> Or will BIOS be smart enough and prevent the evil-doer from doing this?

> If yes, how? If no, is there anything else I can do to be safe against

> data theft in case of laptop theft?

 

You have to encrypt your data. No doubt other respondents will

advise you on suitable techniques. Before you go down this path,

make sure that you are fully familiar with the technology. If the

encryption product is worth its salt then you won't be able to

decrypt your data in case something goes wrong - which happens

surprisingly often. Your data would be permanently lost, including

your backups.

> Thanks in advance for your advice.

>

> Pat

Guest R. McCarty
Posted

Re: How safe is my BIOS Power-on Password?

 

BIOS 'Password on Boot' is just a stumbling block, not real protection

against data theft. Even securing documents with a password is again

just something to slow down the determined thief. Unless you want to

go with full disk encryption, maybe just keeping data on a Thumb drive

(Encrypted) is a better choice. But that has the issue of loss, since they

are very easily misplaced.

 

Laptop drives are easily removed, so if the notebook is stolen the BIOS

password is pointless since it can be mounted in another machine to be

accessible. Windows Vista employs BitLocker Encryption and similar

type products are available for Windows XP.

 

If you do opt for any kind of Encryption make sure you have all the

keys, passcodes and other unlocking mechanisms backed up.

 

 

 

"pat_mc" <p_surname@hotmail.com> wrote in message

news:pat_mc.36zpz6@no-mx.tabletquestions.com...

>

> Hi -

>

> A short while ago I learnt that if I transfer my data from an NTFS to a

> FAT32 harddrive I lose all my security features on the files.

>

> Since I use a BIOS power-on password to protect the data on my laptop I

> am now wondering if there is any point to doing so at all. Could an

> unauthorised person not simply access my PC with a bootable Linux CD

> such as Knoppix and copy all of my files over to a FAT32 external

> drive?

>

> Or will BIOS be smart enough and prevent the evil-doer from doing this?

> If yes, how? If no, is there anything else I can do to be safe against

> data theft in case of laptop theft?

>

> Thanks in advance for your advice.

>

> Pat

>

>

> --

> pat_mc

Guest Tim Slattery
Posted

Re: How safe is my BIOS Power-on Password?

 

pat_mc <p_surname@hotmail.com> wrote:

>

>Hi -

>

>A short while ago I learnt that if I transfer my data from an NTFS to a

>FAT32 harddrive I lose all my security features on the files.

 

That's right, NTFS supports many security features that FAT32 does

not.

>Since I use a BIOS power-on password to protect the data on my laptop I

>am now wondering if there is any point to doing so at all. Could an

>unauthorised person not simply access my PC with a bootable Linux CD

>such as Knoppix and copy all of my files over to a FAT32 external

>drive?

 

Yes, that's certainly possible.

>Or will BIOS be smart enough and prevent the evil-doer from doing this?

>If yes, how? If no, is there anything else I can do to be safe against

>data theft in case of laptop theft?

 

There are several products that encrypt the entire disk drive, and

won't kick in unless your machine is properly booted with

userid/password. That would mean an XP userid/password, not the BIOS

userid/password. If a malefactor removed your disk and connected it to

another computer, or used a Knoppix or other boot disk, your drive

would appear as gibberish.

 

My agency, which is concerned with exactly this scenario, uses

Pointsec. It works, but it does slow things down a bit. Just how much

it slows things down is somewhat debatable.

 

--

Tim Slattery

MS MVP(Shell/User)

Slattery_T@bls.gov

http://members.cox.net/slatteryt
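
Added example, not part of any poster's reply: the replies above say a drive removed from the laptop or read from a boot CD is readable unless it is encrypted, in which case it "would appear as gibberish". The Python sketch below tells the two cases apart from the bytes at the start of a volume, using the standard NTFS, FAT32 and BitLocker boot-sector signatures; it goes slightly beyond the thread by also recognising the LUKS header and falling back to an entropy check. The sample sectors and the `classify_image` path argument are constructed for illustration.

```python
import hashlib
import math
from collections import Counter

SECTOR = 512
def shannon_entropy(data: bytes) -> float:
    """Bits per byte; approaches 8.0 for ciphertext, far lower for structured data."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def classify_volume(head: bytes) -> str:
    """Classify a volume from the bytes at its start, as another machine would see them."""
    if len(head) < SECTOR:
        raise ValueError("need at least one 512-byte sector")
    if head[:6] == b"LUKS\xba\xbe":           # LUKS header magic at offset 0
        return "encrypted: LUKS"
    oem = head[3:11]                           # OEM ID field of the boot sector
    if oem == b"-FVE-FS-":                     # BitLocker signature in the OEM ID field
        return "encrypted: BitLocker"
    if oem == b"NTFS    ":
        return "plaintext: NTFS"
    if head[82:90] == b"FAT32   ":             # FAT32 filesystem-type string
        return "plaintext: FAT32"
    if shannon_entropy(head) > 7.0:            # no known header, bytes look random
        return "no signature, high entropy: possibly encrypted"
    return "unknown"

def classify_image(path: str) -> str:
    """Read the first 4 KiB of a disk image file (hypothetical path) and classify it."""
    with open(path, "rb") as f:
        return classify_volume(f.read(4096))

def boot_sector(oem: bytes, fstype: bytes = b"") -> bytes:
    """Constructed sample sector: jump bytes, OEM ID, optional FAT32 type, 0x55AA."""
    s = bytearray(SECTOR)
    s[0:3], s[3:11], s[510:512] = b"\xeb\x52\x90", oem, b"\x55\xaa"
    s[82:82 + len(fstype)] = fstype
    return bytes(s)

# Constructed samples, not captures from real disks.
SAMPLES = {
    "ntfs": boot_sector(b"NTFS    "),
    "fat32": boot_sector(b"MSDOS5.0", b"FAT32   "),
    "bitlocker": boot_sector(b"-FVE-FS-"),
    "headerless": b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128)),
}

if __name__ == "__main__":
    print({name: classify_volume(head) for name, head in SAMPLES.items()})
```

A "plaintext" result means the files can be read by anyone who attaches the disk to another machine, whatever the BIOS password or NTFS permissions say; an encryption product that leaves no recognisable header falls through to the entropy check.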

Guest HEMI-Powered
Posted

Re: How safe is my BIOS Power-on Password?

 

pat_mc added these comments in the current discussion du jour ...

> A short while ago I learnt that if I transfer my data from an NTFS

> to a FAT32 harddrive I lose all my security features on the files.

>

> Since I use a BIOS power-on password to protect the data on my

> laptop I am now wondering if there is any point to doing so at

> all. Could an unauthorised person not simply access my PC with a

> bootable Linux CD such as Knoppix and copy all of my files over to

> a FAT32 external drive?

>

> Or will BIOS be smart enough and prevent the evil-doer from doing

> this? If yes, how? If no, is there anything else I can do to be

> safe against data theft in case of laptop theft?

>

If the battery can be removed to power down the firmware, then yes,

you'd lose your BIOS password. If you are really concerned about

security, I'd suggest you buy one of the relatively inexpensive

hardware devices that will HW encrypt your HDD and make it impossible

to use even if the PC is stolen and the disk removed. I'm more than a

little out-of-date on this stuff since retiring 6 years ago, but I

believe there are also very effective HW add-ons that will totally

prevent the use of the PC, but the main thing is to protect the HDD.

 

--

HP, aka Jerry

 

"And, that's all I'm going to say about that" - Forrest Gump

Guest Ken Blake, MVP
Posted

Re: How safe is my BIOS Power-on Password?

 

On Fri, 28 Mar 2008 16:07:46 +0000, pat_mc <p_surname@hotmail.com>

wrote:

>

> Hi -

>

> A short while ago I learnt that if I transfer my data from an NTFS to a

> FAT32 harddrive I lose all my security features on the files.

>

> Since I use a BIOS power-on password to protect the data on my laptop I

> am now wondering if there is any point to doing so at all. Could an

> unauthorised person not simply access my PC with a bootable Linux CD

> such as Knoppix and copy all of my files over to a FAT32 external

> drive?

 

 

No, the BIOS password will prevent the computer from being booted at

all.

 

However, a BIOS password is an extremely weak form of protection. It

can be readily gotten around by resetting the BIOS, and all that takes

is removing the motherboard battery for a few minutes.

 

Alternatively, the drive can be removed from the computer and read in

another computer.

 

A BIOS password can be useful for protection against a casual passerby

who wants to see what's on your computer. It's essentially useless

against a determined invader.

 

 

--

Ken Blake, Microsoft MVP - Windows Desktop Experience

Please Reply to the Newsgroup

Guest smlunatick
Posted

Re: How safe is my BIOS Power-on Password?

 

On Mar 28, 11:07 am, pat_mc <p_surn...@hotmail.com> wrote:

> Hi -

>

> A short while ago I learnt that if I transfer my data from an NTFS to a

> FAT32 harddrive I lose all my security features on the files.

>

> Since I use a BIOS power-on password to protect the data on my laptop I

> am now wondering if there is any point to doing so at all. Could an

> unauthorised person not  simply access my PC with a bootable Linux CD

> such as Knoppix and copy all of my files over to a FAT32 external

> drive?

>

> Or will BIOS be smart enough and prevent the evil-doer from doing this?

> If yes, how? If no, is there anything else I can do to be safe against

> data theft in case of laptop theft?

>

> Thanks in advance for your advice.

>

> Pat

>

> --

> pat_mc

 

BIOS passwords can easily be reset by removing the CMOS battery. Not

to ever be considered as a security method.

Guest C.Joseph S. Drayton
Posted

Re: How safe is my BIOS Power-on Password?

 

pat_mc wrote:

>

>Hi -

>

>A short while ago I learnt that if I transfer my data from an NTFS to

>a FAT32 harddrive I lose all my security features on the files.

>

>Since I use a BIOS power-on password to protect the data on my laptop

>I am now wondering if there is any point to doing so at all. Could an

>unauthorised person not simply access my PC with a bootable Linux CD

>such as Knoppix and copy all of my files over to a FAT32 external

>drive?

>

>Or will BIOS be smart enough and prevent the evil-doer from doing

>this? If yes, how? If no, is there anything else I can do to be safe

>against data theft in case of laptop theft?

>

>Thanks in advance for your advice.

>

>Pat

 

Hi Pat,

 

I think earlier I saw an article by you on this concept and you were

speaking about a laptop. If that is the case then I would like to clear

up a few points for you.

 

1) You can not simply pull the CMOS battery on most laptops built in

the last five years to remove the BIOS password. On laptops, the BIOS

password is stored in FlashRAM so losing power doesn't affect it.

 

2) Most Phoenix BIOS actually have two BIOS password levels, one for

the supervisor and one for the user. The supervisor password will allow

you to set boot devices and boot options. On my machine, I have it set

so that the computer will only boot from the hard disk. The 'user'

password can not change the boot devices or boot order; if they press

the 'Esc' key during boot, all they are shown is the hard disk.

 

3) With laptops, the hard disk is normally easy to get to and removed.

Important data should therefore be stored in encrypted containers on

the hard disk. I might add that I do not recommend including all data

in a single data since if the container has a glitch, you could lose

everything.

 

4) Some newer laptops come with hard disks that can be encrypted. My

dv8100cto has this capability. I tested it and the performance is very

good. The only problem is that if the FlashRAM where the encryption key

is stored gets corrupted, you end up with a very pretty paper weight

that looks just like an internal hard disk.

 

Over-all, I would recommend the use of a good quality encryption

container and a good quality 'external' portable hard disk for your

really important data.

 

--

 

Sincerely,

C.Joseph Drayton, Ph.D. AS&T

 

CSD Computer Services

Web site: http://csdcs.tlerma.com/

E-mail: csdcs@tlerma.com

Guest pat_mc
Posted

Re: How safe is my BIOS Power-on Password?

 

 

I suspect it may be contrary to common practice in a forum to post a

final comment to thank respondents. Still, I would like to thank all

those who underwent the effort of sharing their knowledge regarding my

question. I now have a much clearer understanding of the limitations of

my data security.

 

Thanks for being nice, knowledgeable people out there!

 

 

--

pat_mc

Guest Doug Knox - [MS-MVP]
Posted

Re: How safe is my BIOS Power-on Password?

 

Actually, not at all. A thank you is the only thing the person that answers

you gets in return.

 

--

Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart

Display\Security

Win 95/98/Me/XP Tweaks and Fixes

http://www.dougknox.com

--------------------------------

Per user Group Policy Restrictions for XP Home and XP Pro

http://www.dougknox.com/xp/utils/xp_securityconsole.htm

--------------------------------

Please reply only to the newsgroup so all may benefit.

Unsolicited e-mail is not answered.

 

"pat_mc" <p_surname@hotmail.com> wrote in message

news:pat_mc.371wo8@no-mx.tabletquestions.com...

>

> I suspect it may be contrary to common practice in a forum to post a

> final comment to thank respondents. Still, I would like to thank all

> those who underwent the effort of sharing their knowledge regarding my

> question. I now have a much clearer understanding of the limitations of

> my data security.

>

> Thanks for being nice, knowledgeable people out there!

>

>

> --

> pat_mc

