Password on Boot from BIOS is a weak security method

This article was modified on 2012-05-29 10:24:17


What do you think about adding password protection before Windows starts? In my BIOS I have an option that allows me to enable a password on boot. It seems to look pretty secure, as when I turn on my computer it asks for a password, so this means that my entire computer is being protected. Is this good protection?

I will explain everything you need to know about this subject. It may sound a little confusing, but it's actually quite simple. Before we do that, let's take a look at these two pictures just to make sure that we're talking about the same thing. If I understand correctly, you are not asking me how to add a BIOS password, which is covered in this article. I mention that deliberately, because if you add a BIOS password, the same password will be used for this feature: password on boot.

Password on boot is Enabled

If you enable a password on boot, yes, it will protect your computer from your own child when you want him to sleep while he wants to surf the Internet. Sure, if he is a little computer geek, he will definitely find a way to bypass this protection. This is what it looks like when you power on your computer or laptop.

Password on Boot requires you to enter a password before the operating system loads

I was kidding, but not about the level of security. If you want to rely on this method, let's say that it adds the same level of protection as a Windows password would. That means it is far from being secure.

Sure, it can delay someone from gaining access to your computer, but not for long. I am not talking about trying to crack the password. There are no brute-force methods here. In order to bypass password protection enabled from the BIOS, you would need to know how to reset a BIOS password, so basically it's the same thing.

The most popular method involves removing a jumper or the battery from your motherboard for a couple of seconds, which will make your BIOS "forget" any password. You can find instructions on YouTube or on Google.

The second method, if you can't do this yourself, would be to find a person or a computer shop that knows how to do it (there is an example near the end of the article). They would probably be able to reset this password for $50-100.

I was able to reset my BIOS password, but that was a long time ago, back in 2003, when this was easy. On modern laptops this would void your warranty, if you have any left, and you would need to find instructions on how to do it, preferably from the BIOS manufacturer, which I doubt will be an easy task...

There is also a major risk in enabling this password. There is a high probability that you will forget it, and then everything I have said so far will apply to you. It will be very stressful and you will waste a lot of time trying to find out how to recover the password you enabled. So my advice: DON'T DO IT.

Back to the security level: just think about it. This password prevents the operating system from booting. It doesn't matter if it's Linux, Windows or anything else. It won't let you boot, as this is the purpose of this password. What would happen if someone stole your laptop and you relied on this method to protect valuable data? So what? The thief just needs your hard drive, and once he has the hard drive he can copy the entire content or access it from a different operating system. He only needs a rack, a cable and some software or another operating system, plus minimal knowledge in this area; he doesn't have to be a computer expert. If he can't do it himself, he will most likely use a password recovery service, as there are plenty of them.

Some modern laptops also allow you to add a hard disk password (also known as a hard disk lock), which comes to the same thing in the end, since the right people will be able to get past it. I just want to show an example: I am not affiliated with them, but take a look at Password Crackers, which offers two services, one for BIOS password recovery and another for Hard Disk Lock password recovery. Most likely they are not the only ones in this market; there are probably similar companies or people who will be able to retrieve or, let's say, bypass this kind of security.

CONCLUSION: DO NOT USE THIS METHOD thinking that it will protect your data. Even if you also add a Windows password, it is still easy to bypass both of these methods, and we're not talking about a secret agency here. There are other methods that are not so difficult, such as encrypting your entire operating system or partitions. TrueCrypt, DiskCryptor and FreeOTFE are among the best-known programs when it comes to data protection, and all of them are free.
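The difference between a drive protected only by a boot password and an encrypted one, as an added example that is not part of the original article: an unencrypted volume still starts with a recognizable filesystem signature that any other operating system can mount, while ciphertext shows no signature and looks like random data. The function names, the 7.5 bits/byte entropy threshold and the sample byte strings are assumptions constructed for this illustration.

```python
import hashlib
import math
from collections import Counter

# Well-known on-disk signatures: (offset, magic bytes, label).
SIGNATURES = [
    (3, b"NTFS    ", "NTFS"),
    (82, b"FAT32   ", "FAT32"),
    (1080, b"\x53\xef", "ext2/3/4"),
]

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; close to 8.0 for ciphertext or random data."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())

def classify_volume(head: bytes) -> str:
    """Classify the first bytes (4 KiB is enough) of a volume."""
    for offset, magic, label in SIGNATURES:
        if head[offset:offset + len(magic)] == magic:
            return f"plaintext ({label}): readable from any other OS"
    if shannon_entropy(head) > 7.5:  # assumed threshold for "looks random"
        return "no filesystem signature, high entropy: consistent with encryption"
    return "unknown: no signature, low entropy (blank or unrecognized layout)"

def constructed_ntfs_head() -> bytes:
    """Constructed sample: minimal NTFS-looking boot sector, zero padded."""
    sector = bytearray(4096)
    sector[0:3] = b"\xeb\x52\x90"      # jump instruction
    sector[3:11] = b"NTFS    "         # OEM ID field
    sector[510:512] = b"\x55\xaa"      # boot sector end marker
    return bytes(sector)

def constructed_encrypted_head() -> bytes:
    """Constructed sample: deterministic pseudo-random bytes standing in for ciphertext."""
    out, block = b"", b"constructed-seed"
    while len(out) < 4096:
        block = hashlib.sha256(block).digest()
        out += block
    return out[:4096]

if __name__ == "__main__":
    for name, head in [("unencrypted", constructed_ntfs_head()),
                       ("encrypted", constructed_encrypted_head()),
                       ("blank", bytes(4096))]:
        print(f"{name:12} -> {classify_volume(head)}")
```

The check is a heuristic on the start of a volume only: a "plaintext" result means the BIOS password is the sole barrier, and the data is readable as soon as the drive is connected to another machine.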


