Hard Drive Level Password 1

[goombawaho]

If I understand correctly, if you set and forget a drive level password, you are pretty much out of luck in terms of getting it unlocked. Not even the manufacturer can help you even after proving ownership. You can't nuke it either. Is that correct?

Question two - there's no issue with replacing the drive with a new one in the same computer to get around the "bricked" drive with a password? In other words, it's not motherboard-based and thus doesn't brick the entire computer.

 

[vacunita]

If I understand correctly, if you set and forget a drive level password, you are pretty much out of luck in terms of getting it unlocked. Not even the manufacturer can help you even after proving ownership. You can't nuke it either. Is that correct?

Not quite. Usually HD's with the Drivelock or HD password feature have a user password, and a Manufacturer set Master Password to get in.

If both of those are lost there ways out there to bypass the passwords though they aren't cheap.

You may find this article interesting:
Hard Drive Passwords Easily Defeated; the Truth about Data Protection

Question two - there's no issue with replacing the drive with a new one in the same computer to get around the "bricked" drive with a password? In other words, it's not motherboard-based and thus doesn't brick the entire computer.

That would be correct. Being part of the HD, means removing the affected driver and replaying it with a none locked one is all it takes to put the machine back in working order. Minus of course all the data in the locked drive.


----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

Behind the Web, Tips and Tricks for Web Development.

http://behindtheweb.blogspot.com/

 

[kjv1611]

Thinking along those terms is something that's made me weary of even using any hard-drive level password locking. Then again, if it's something that could be in an easily accessible location, such as a shopping mall or an airport, I could see the desire to put as many locks and passwords in place as possible...

 

[goombawaho]

Yeah, I knew there were two passwords capable of being set (USER and MASTER).

Vacunita:
I don't seem to see any evidence of a MASTER manufacturer password though, if you read this explanation of the implementation by Compaq (for instance):
ftp://ftp.compaq.com/pub/supportinformation/papers/na118a0598.pdf

That wouldn't make sense because somebody could leak the master manufacturer password and ALL implementations would be compromised. I think what you meant was MASTER password as an IT dept. would use (again referring to my link). The user would know the USER password and the IT dept. would know the MASTER as a trump card.


The reason I asked the second question is that I thought I read references to a piece of the locking "puzzle" being based on a chip on the motherboard, but I'm guessing that was incorrect.

All the locking happens on the hard drive (chipset/electronics/platters) such that only the locked drive is toast as a protection mechanism.

 

[vacunita]

For HD passwords everything happens on the drive. Not even replacing the controller card unlocks the drive.

You are correct about the Master password. Snafu on my part. No actual Manufacturer password. Though some data recovery specialist have tools that can break into the drive.



----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

Behind the Web, Tips and Tricks for Web Development.

http://behindtheweb.blogspot.com/

 

[goombawaho]

Thanks Vacunita - I think I had found that link you posted AFTER I posted my question, but maybe it was just a similar one. Anyway, it was a good read. Have a star.

During my reading/research, I think some people mistakenly thought that the HDD password would "toast" or involve the motherboard as well, but that wouldn't be too good now would it.

 

[strongm]

>You can't nuke it either. Is that correct?

No, there are utilities around that can nuke (some) password protected drives; hdderase, for example, which is free

>a piece of the locking "puzzle" being based on a chip on the motherboard

Sort of, actually. Some (although very few I believe) BIOS can issue a "security freeze lock" command to password-protected drives, which is designed to try and prevent tools from applying password attacks (by enforcing a power cycle requirement before a password change is accepted)

 

[goombawaho]

No, there are utilities around that can nuke (some) password protected drives; hdderase, for example, which is free"

I'm not looking for exceptions to the rule. In general, it wouldn't be a safe assumption to say "sure, we can break that drive-level password". So, I'll always tell a customer, "you're likely hosed - I wouldn't pay us to come over and tell you so".

"Some (although very few I believe) BIOS can issue a "security
freeze lock" command"

Again, a minority from everything I read. The main reason for asking this aspect of the question was this. My main concern was "can you just throw out the password protected drive and start over with a new one. If motherboards were somehow involved, it would (could) have made that not so simple.


But I appreciate you sweating the details.

 

[strongm]

>I'm not looking for exceptions to the rule

I only put "some" in because I'm cautious and hdderase has not been updated for a while, so has some limitations with some recent drives. Alternative free (and pay for) tools, that use the same techniques as hdderase have a pretty consistent, reliable success rate with all SATA drives. Please note I was specifically addressing your assertion about nuking the drive not recovering the password or data.

 

[goombawaho]

Understood. After researching this, I would NEVER tell someone that their data could be saved on a password protected drive, unless they want to send it out for professional analysis.

Best to tell them "your drive is likely a paper weight, but we can put a new drive in and get you going. Where is your data backup?".