FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


BIOS Password enough?





bnbrown
Hey folks. I was wondering what if I set a password for the Computer in the BIOS. Can it be played through if some one stoles my Computer... I mean can he set to default my BIOS directly at the motherboard or so, and then reach my data? Or how can I better safe my hard drive and system? Thanks for help. - Oh yes, I use Win XP Home edition.
TomS
It takes about one minute to reset your Bios-password, if the 'hacker' has physical access to your pc. In this case, the only way to protect your data is an external harddrive, which is stored in a save.
WinXP passwords are even easier to reset because you only need a cd with the right software. So no knowledge about the hardware of a mainboard is required.
bnbrown
TomS wrote:
It takes about one minute to reset your Bios-password, if the 'hacker' has physical access to your pc. In this case, the only way to protect your data is an external harddrive, which is stored in a save.
WinXP passwords are even easier to reset because you only need a cd with the right software. So no knowledge about the hardware of a mainboard is required.


It's not so good news : (
LethcanAernis
Nothing is impossible, but you must do it as hard as possible for the hackers to get your data.
BIOS password do a lot, yes you can flash it etc but it makesit harder and maybe stop 50% from stealing just that computer and take an easier one (hopefully someone elses hehe)

To protect your hardware you can lock laptops very easy. To protect Software you can encrypt your whole harddisk so if someone steal your laptop they cannot read your data.. they must reformat and reinstall an OS.

So you have two things, physical security and software security. Both can be done for greatest security.
bnbrown
LethcanAernis wrote:
Nothing is impossible, but you must do it as hard as possible for the hackers to get your data.
BIOS password do a lot, yes you can flash it etc but it makesit harder and maybe stop 50% from stealing just that computer and take an easier one (hopefully someone elses hehe)

To protect your hardware you can lock laptops very easy. To protect Software you can encrypt your whole harddisk so if someone steal your laptop they cannot read your data.. they must reformat and reinstall an OS.

So you have two things, physical security and software security. Both can be done for greatest security.


I have a table-on PC. And yes, this is what I want: if some one stoles the hard disk from the PC he shall re-format the disk to be able to use if he does not know my password.
wowz
Why do you think someone is going to steal your harddrive? lol

But yeah, encryping everything works... little time consuming and such... but it works if you're really that worried.
bnbrown
wowz wrote:
Why do you think someone is going to steal your harddrive? lol

But yeah, encryping everything works... little time consuming and such... but it works if you're really that worried.


I just want. But before leaving home I should always encrypt the hardrive. It would be nice to protect it with a password that works like logging in to windows xp.
TomS
There are some tools that create virtual drives that can be protected with a password. So every prog (except the os, ofcourse) could be installed on this vdrive. Start your pc, run the prog, enter your passwort and seconds later have access to all your progs and data. Only the registry is not protected. So he might could see, which progs are installed, but I think that's not very interesting for a hacker. But as LethcanAernis said: Nothing is impossible.
If the hacker is good (a real hacker) and really wants to get your data, he gets them.
I'm wondering, why the laptop protection of mainboards is not built in the mainboards of desktop pc's. That wold be great. And a good solution for you.
bnbrown
TomS wrote:
There are some tools that create virtual drives that can be protected with a password. So every prog (except the os, ofcourse) could be installed on this vdrive. Start your pc, run the prog, enter your passwort and seconds later have access to all your progs and data. Only the registry is not protected. So he might could see, which progs are installed, but I think that's not very interesting for a hacker. But as LethcanAernis said: Nothing is impossible.
If the hacker is good (a real hacker) and really wants to get your data, he gets them.
I'm wondering, why the laptop protection of mainboards is not built in the mainboards of desktop pc's. That wold be great. And a good solution for you.


logs are not important os far, but the data on the HDD. So do you know a good and free tool as you mentioned? By the way does it still keeps the password if Hard drive removed from PC? Or it has the pass only while it is in the computer and under the control of the virtual drive software?
TomS
Yeah. I'll search for a good one. But I don't really know if it's free.
Well the software is on the harddrive, so if yout put the harddrive in another system, your data is still protected. If he uninstalls the vdrive software, the save is still on harddrive and still protected. Either he cracks the password or he has to format the drive, which is actually not the best way to steal your data Wink
ajukdisco
For ultra secure data ie client information,

I personaly use a caddy in a full tower and i remove this every day when im going out, And i put it in a safe it seems to be the only way to protect it fully, I have also seen people put a usb hard drive in a safe and simply drill a hole thru for the power and usb cable. But i think this would surely weaken the safe
gh0stface
Like TomS says, the BIOS password on a desktop computer is really easy to bypass. Unless you have a the chasis locked. It's commonly known knowledge that some people forget the BIOS password and the way to reset it is either removing the CMOS battery for a couple of minutes or using the jumper to reset the password.

However if you aren't working around tech-savvy people, using the BIOs password is enough protection to deter people.
Bones
TomS wrote:
It takes about one minute to reset your Bios-password, if the 'hacker' has physical access to your pc. In this case, the only way to protect your data is an external harddrive, which is stored in a save.
WinXP passwords are even easier to reset because you only need a cd with the right software. So no knowledge about the hardware of a mainboard is required.


You dont even need a cd to reset the password if the user has any admin account (including the true admin acct) that is not password protected, you can reset any XP password in 2 minutes.
TomS
Bones, you're right. I presupposed all adminaccounts (including the hidden one) are protected with a password. Because that is made most before an biospwd is added... The easiest way first.
rick2000sept
You want my advice? If you are so worried about people breaking your passwords and you do have sensitive data on your computer, get a finger print scanner, and if someone was trying to hack you then, they would need some serious spy stuff. Unless of course they were going through the internet. But if you are worried about people physically walking up to your computer, then finger print scanner might be the way to go. I don't know a lot about them but they might slow down hackers lol.

Nothing is safe, you have to realize that, NSA can read everything on your computer, but don't worry, unless you are a terrorist or an assassin, they won't care.
Transponder
they can hack youre BIOS Password easy by releasing a jumper on youre motherboard, even youre Windows XP Account Password, just make backups on a seperate harddrive or a usb stick Smile
socialoutcast
Bios passwords are really very easy to bypass. if you really what to reset your password, all you have to do is pull out that little battery on your mainbord and leave it out for a minute or two. that's even easier than moving a jumper over. The only downside to that, is that you'll lose your bios setting in the process, but that's no big deal for a hacker.
2eXtreme
If you place a password on your HDD however, its almost impossible to crack. Resetting the motherboards jumpers can't reset the HDD password, as the HDD password is stored in the HDD itself. Alot of laptops have this a defense mechanism. For example, if the laptop is dropped, the HDD places a password on itslef, so that the vandliser can't access the data. this even happens if you accidentally drop the laptop - it happened to a friend of mine. I've only ever bypassed the HDD password that I didn't know once, and that was by setting a System password through the BIOS, entering it correctly, and that bypassed the messgae asking for the HDD password, and I was able to retrieve the files I needed. Later that night, we booted the computer from a cold start, and the same method didn't work, as it was just booted from a cold start. There was nothing we could do, the HDD kept asking for its password, and after 3 attempts, the computer would shut down. We even contacted the manufacturer and there was nothing they could do.
quartz
Maybe there is a solution. I think about encrypted, password protected virtual drive which has two portions. One portion on hdd and another on usb flash disk. Even if you know password you cant open virtual drive if you dont have both portions of virtual drive.
vashish87
Convert partitions to NTFS. Encrypt. End of story. BIOS passwords are remarkably easy to reset once you have physical access to a machine.
xodia
TomS wrote:
It takes about one minute to reset your Bios-password, if the 'hacker' has physical access to your pc. In this case, the only way to protect your data is an external harddrive, which is stored in a save.
WinXP passwords are even easier to reset because you only need a cd with the right software. So no knowledge about the hardware of a mainboard is required.


its really simple to reset the password, if they have physical access anyway, they change a jumper on the mobo and then add power and bingo, NO PASSWORD, after that one cd and they have unlimited access to your computer.. simple as
TomS
Jup. Or they just steel your HDD. It's easier to carry away than the whole tower.
billgertz
I guess most of the replies was able to answer your question. going back to the original question, I believe bios protection is enough to secure your computer given the situation that the hacker doesnt have a physical access to your CPU.
TomS
billgertz wrote:
I guess most of the replies was able to answer your question. going back to the original question, I believe bios protection is enough to secure your computer given the situation that the hacker doesnt have a physical access to your CPU.


Lol. No true. If the hacker has no physically acces to the computer, it is totally irellevant, whether the biospassword is set or not. Then you have to look on the networkconnection. But the question was, what if someone stole the pc?!
And yes. This was already answered!
ocalhoun
Locking the case (Most cases have a ring on the access panel that you can put a padlock on.) in addition to a BIOS password can make your computer as secure as the lock. (They would have to cut the lock or break the case to get at it.)

If the data itself is what you want to protect, you should definitely encrypt it, weather you use windows NTFS encryption or a third party (I'd recommend a third party encryption), it will add more security to your data. If you're that security conscious, I'd also recommend switching to Linux, which has the capability to password encrypt partitions with, as well as better overall security.
orcaz
For expert users, hacking BIOS password on a desktop is easy. Just lookup the datasheet of the motherboard or sth liddat, they usually tell you how to do so. For mine, removing a particular jumper cap would remove the password. Hence, I dont set a BIOS password on my desktop. BIOS passwords would be more effective on a notebook, as it is portable & more xpensive, hence, ppl would rather steal a notebook then a heavy CPU. Also, it requires more skill and knowledge to reset a laptop's BIOS, so thatz why I set a BIOS password onli on my notebook.
Jaan
BIOS is not enough, as everyone on this thread has said.
If you have personal data, burn it to a CD/DVD or use an external hard drive. So if someone steals your PC, then they will always be able to view the data on it.
You can check alternatives for security. Look into Deep Freeze if you want. It is a great program, very secure, and virtually un-hackable as far as I know.
Cheers,
Jaan
billybob
What are you going to achieve with a bios password if someone steals your pc like everyone mentioned above all u needs to do is pull the jumper out.... and why would a bios password stop someone stealing your pc anyway? And unless they are after some data off your pc they will just reinstall the os.

But if you do have private information you really don't want anyone getting hold of you will need to encrypt it...

Hope this Helps
Ryan Cool
the zephyrus
Someone with physical access to your machine can destroy it. With a sledgehammer if nothing else. If you want to protect your data, encrypt it. If you want your data to be recoverable, use external storage. If you want to prevent it from being stolen, cable it to something. For notebooks, they make this weird card thing that's both a GPS + signal transmitter as well as disables booting up. Even though with physical access, both of those can be physically removed. Physical access does a lot.

For a good encryption software:
http://www.truecrypt.org/

For a good external storage device or security hardware, you're on your own. Most computer retailers carry both, though.
Related topics
how can i change password in my database?
How to bypass your BIOS Password
Installing, Partitioning & Formatting HDDs
Need help booting from USB (Dell BIOS)
Dell or Lenovo?
Install Linux with a locked BIOS
Shortcut to select the temporary boot priority
At school, Snapped for hacking.. have you been caught?
Trusted / Treacherous Computing
My Dell D620 laptop problem
How to log on XP without administrator password ?
Logon as Administrator - Windows 7 Home Premium
Forgot Administrator password
How to bypass windows admin password
Reply to topic    Frihost Forum Index -> Computers -> Computer Problems and Support

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.