BIOS passwords

Question

I am considering recommending my company employ BIOS passwords on our laptops and wanted to get feedback and information on how this works on Inspirons. First, I've seen some posters discourage the use of bios passwords and claim that Dell suggests not using them as well? Why? Risk of losing the password? Lack of fullproof protection? From what I've read, it seems the laptop becomes a 'doorstop' if you forget it, so I suspect it's the former. Perhaps the recommendation is that home users do not use one for personal machines, but I know that many enterprises require they be used on employee's laptops, including IBM.   How does the technology work on Inspirons? Does it lock the hard drive somehow too such that it cannot be removed and used on another machine?   Forgive the general nature of these questions, but unless I'm missing it, Dell does not document the feature in their user manuals or anywhere on their site. Maybe because as other's have said, they discourage its use.

NemesisDB · Answer

on current dell notebooks, bios passwords will come in 3 flavors (and forgive me if I mess up their names, but it should be obvious which I'm taling about): setting a primary bios password will prevent the notebook from completing it's power-on self test without the proper password, thus preventing any use.  setting a hard-drive password will lock down the drive in any system that does not have the password (which could make recovery hard in a non-dell system).  setting the administrator password will prevent changes to the bios without the password.   if you forget the password, you will need to call dell and prove ownership -- they will then provide a machine-unique master password for you to use.  the passwords are not foolproof, but they are very, very good  (removing the cmos battery for instance, will not clear them).

sanssome · Answer

Actaully, I was thinking the opposite-- losing the data is far more costly to me than the laptop. Corporate intellectual assets typically far exceed the price of a low-end laptop. The bios password is meaningless if they can remove that drive, plop it in another machine, and steal my company's data.   I do recognize password management is a tough task for some and there's a risk the machine could become unusable for some period of time until Dell can assist; not a good scenario. Maybe I should focus on sane OS security policy and consider a service like Computrace. Seems well worth $49.95 a year.

leduke30 · Answer

The Primary Password blocks entry to the computer for any reason. The Admin Password prevents any one except the administrator from changing anything in BIOS Settings, with the exception of the date and time, but it does not block BIOS access; you just can not change anything. The Harddrive Password prevents entry also, and it also prevents the harddrive from being accessed on another computer. The last one is set on both the harddrive and the computer and it will also prevent the computer from accepting a new Harddrive until the original drive and Laptop are reunited and the password removed by entering it and then disabling it. The last sounds like a good idea, BUT!! what happens when a drive goes kaput? You not only lose the data on the drive, but you make a doorstop out of your laptop. I personally will stick to the first two, because you do not even need the Hardddrive to be installed to set or remove them, and if the drive goes out you lose data but not your laptop.

leduke30 · Answer

I do not believe Dell can help with Harddrive Passwords removal although they have never said so that I know of. I know the military uses those for obvious reasons, and probably all of the Security Agencies. They probably do not care about losing a laptop, which is what I hear you saying, Security First and Foremost..

NemesisDB · Answer

just in personal experiance: I had hard-drive and primary password set.  motherboard died.  sent in everything and they returned system with new board and the same drive -- so I assume recovery in those situations is perfectly within reason

sanssome · Answer

Thanks to those that replied. Good insight. I think I will call Dell however and request information on laptop security features. I find it appalling that Dell does not document these facilities. IBM, Toshiba, and Fujitsu, the other laptops I work with, all do.

NemesisDB · Answer

if you have winXP pro, set *very* strong user account passwords.  then use XP to encypt sensitive data.  even if they get the drive and crack it's password, it's still going to be useless

tracey1 · Answer

what if u bought it from another person or if its a refernished one

Locked Topics – Laptops General

BIOS passwords

Was this post helpful?