jaegermonster
Technical User
Novice question. How so I set up my PC so that when I switch on, the first thing I get is a password prompt?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Start up Password 2
- Thread starter jaegermonster
- Start date
- Status
-
1
- #2
You need to go into the BIOS. Normally when you start up your computer, before it starts processing the Windows (or other OS) startup, it checks the memory, processor speed, etc... During that time, there should be a note at the bottom with "Hit DEL to enter Setup" or something like that (Some machines use the F8 key).
In the BIOS setup, there should be an option for a BIOS security password (so no one can access this without a password), and a boot password option, which allows you to protect the whole system from initial boot onward.
Remember, though, that anyone with actual access to your hardware can usually just remove a jumper for 30 seconds and drain the ROM memory of the motherboard, thus clearing all settings. I believe that some systems offer better security than this, but you have to research it. Some laptop manufacturers go so far as to make the whole system including hard disks dependant on the BIOS password, making it so you cannot even recover the information from the hard disk by placing in another computer. I don't know if any desktop PC manufacturers provide this level of protection.
There are add-on solutions to encrypt hard disk access, though. I don't know any specifics on that at the moment.
In the BIOS setup, there should be an option for a BIOS security password (so no one can access this without a password), and a boot password option, which allows you to protect the whole system from initial boot onward.
Remember, though, that anyone with actual access to your hardware can usually just remove a jumper for 30 seconds and drain the ROM memory of the motherboard, thus clearing all settings. I believe that some systems offer better security than this, but you have to research it. Some laptop manufacturers go so far as to make the whole system including hard disks dependant on the BIOS password, making it so you cannot even recover the information from the hard disk by placing in another computer. I don't know if any desktop PC manufacturers provide this level of protection.
There are add-on solutions to encrypt hard disk access, though. I don't know any specifics on that at the moment.
I would love to hear more about securing the BIOS from just such jumper deletion. I am considering a new desktop purchase, and wish to offer absolute access security even against users with physical access and technical know-how. How do I do that? Supposedly there are BIOS-overwriting encryption/access programs, but wouldn't that jumper drain those, too? Thanks.
-
1
- #4
GoldenEternity
Technical User
You could try a case lock, but those are usually pretty easilly picked. Given physical access to a system, and enough time, there's not much you can do...
Even if bios is password protected, if you're trying to protect the data on the hard drive, the attacker can just remove it from the system and plug it into another computer. An encypted file system would help with that.
Even if bios is password protected, if you're trying to protect the data on the hard drive, the attacker can just remove it from the system and plug it into another computer. An encypted file system would help with that.
Guest_imported
New member
- Jan 1, 1970
- 0
- 0
- 0
how could i find out the password to this? is there anything program or anythin i can do from "My Computer"?
Justin -
No. "My Computer" is part of the operating system (well, if you call Windows an OS, but I won't go into that...) and by that time it's too late -- you've already booted.
Typically to get into the BIOS setup screens you hit "Del" or "Shift-F2", or some other manufacturer-defined hotkey while it's counting memory. You then (usually) end up at a series of screens that allow you to set the hard drive size, boot device order, current time, CPU voltages, etc. One of the options is to enable a boot password.
By the way, don't change anything here unless you know exactly what you're doing. Otherwise you could end up with a permanently (And I DO MEAN PERMANENTLY) unbootable system (can you say "Let The Smoke Out Of The CPU", boys & girls?)
What Rycamor was saying was that the BIOS password can be defeated by placing a jumper block across the correct set of pins on the motherboard. Nothing to prevent it other than putting a lock on the case, and even then a computer case is not Fort Knox.
If you really want to prevent someone from accessing data on the computer, you need a hardware encryption device. There are companies who sell add-in cards that accept a smart-card to control access. Actually, one of the cheapest and best ways to control access to the data on the hard drive is to put the drive into one of the removable drive cages. When you're done with the computer, power down and remove the hard drive and take it with you. If you were to use a 63mm x 9mm notebook drive it'd be incredibly easy to do (I think the interface is compatible with normal ATAPI).
Chip H.
No. "My Computer" is part of the operating system (well, if you call Windows an OS, but I won't go into that...) and by that time it's too late -- you've already booted.
Typically to get into the BIOS setup screens you hit "Del" or "Shift-F2", or some other manufacturer-defined hotkey while it's counting memory. You then (usually) end up at a series of screens that allow you to set the hard drive size, boot device order, current time, CPU voltages, etc. One of the options is to enable a boot password.
By the way, don't change anything here unless you know exactly what you're doing. Otherwise you could end up with a permanently (And I DO MEAN PERMANENTLY) unbootable system (can you say "Let The Smoke Out Of The CPU", boys & girls?)
What Rycamor was saying was that the BIOS password can be defeated by placing a jumper block across the correct set of pins on the motherboard. Nothing to prevent it other than putting a lock on the case, and even then a computer case is not Fort Knox.
If you really want to prevent someone from accessing data on the computer, you need a hardware encryption device. There are companies who sell add-in cards that accept a smart-card to control access. Actually, one of the cheapest and best ways to control access to the data on the hard drive is to put the drive into one of the removable drive cages. When you're done with the computer, power down and remove the hard drive and take it with you. If you were to use a 63mm x 9mm notebook drive it'd be incredibly easy to do (I think the interface is compatible with normal ATAPI).
Chip H.
- Status
Similar threads
- Locked
- Question
- Locked
- Question