1 Rookie • 10 Posts

February 3rd, 2015 04:00

Dell Mini 1012 BIOS HDD Password Option: Is a Master & User Password Set ?

Hi,

I've recently upgraded to an Intel 530 SSD in my Dell mini 1012. It makes the notebook much better.

I've now set a HDD Password via the BIOS option (BIOS version A12). I've read a little about Master and User HDD passwords, and I would like to know if this BIOS option only sets a user or master or both passwords ?

If the user password is set to what I have entered, does the BIOS also generate a master password ?

If a "Dell generated" Master password has also been set, how can I ensure there is no back door to unlock my SSD ? I believe the master password can be set up to only allow a secure erase, and not unlock the SSD. Can I set this up, when I only know the user password ?

I want my Dell Mini 1012 to unlock its SSD with only the password I have entered. It's OK if there is a second master password, as long as this password can only do an erase, and can't unlock my SSD for someone else to use.

Thanks

1 Rookie • 10 Posts

February 5th, 2015 02:00

I've now regained access to my SSD !

Was very interesting. I had hoped to just boot the notebook via USB, and use hdparm via Ubuntu, but the BIOS had "locked" the boot option, and I couldn't select a boot via USB (as a temp) option. I had to take the SSD out. I have already a SATA to USB kit. So I then plugged the drive into my other laptop, and used hdparm from there.

It was a challenge to unlock the SSD, even when I knew the password ! Either I wasn't typing correctly, or the chars needing a "\" escape were causing problems with hdparm as input parameters. But in the end I was able to unlock the SSD with my user password I had set previously using hdparm.

I then decided to set up a single char password via hdparm, and try this in the Mini 1012. Amazingly, a single char password was not able to be used via the unlock BIOS. No idea why, perhaps the BIOS and hdparm communicate the password differently to the SSD (scan codes ?). But just entering the char, and pressing return when prompted did not unlock the drive.

I had to remove the drive again, and then I decided to disable security, but before I did this, I set up a master password (I had already reduced the security mode to high during user password setting). If I can change the master and user password, then I have effectively stopped the "back door" of Dell setting a master password.

Once back in the Mini 1012, I then enabled the HDD password, and everything worked fine as expected.

I took the drive back out again, and used my other laptop to see if the master password still worked. It didn't ! So it looks like the BIOS password setting procedure, sets the user to my requested password, and also sets the master to a Dell specific password.

I then put the drive back in the Mini 1012 (actually I could have done the above with the drive still in the Mini using Ubuntu). I entered my password as normal when prompted, and then used hdparm. The drive was frozen, so I had to first instruct the Mini to "sleep" for 5 secs so the drive was effectively turned off/on. I then set a new master password, which will of course overwrite the Dell master password given when I created a HDD password. This procedure worked.

So now I can use the SSD with full disk encryption, and I have set my own (user) password via the BIOS, and I've set my own master password via hdparm.

Dell's back door is now closed, so I'm happy. Well it should be closed ! The notebook is now secure enough for me, and no performance hit with the encryption.

What is interesting is the way the BIOS and hdparm "set" the password, that they are not compatible with each other. Maybe the BIOS sends hex char codes, or because hdparm pads the password, this padding extension may make the password different than the BIOS. The BIOS user typing in can only write an 8 char password, which is small, but considering that after either 3 or 4 attempts at entering a "wrong" password, the SSD needs to be power cycled, even a brute force attack on an SSD would be difficult and time consuming. Plus I only read emails or web surf using the notebook, so if I lost it, and someone really does want to take the disk out, and try to break the password, I have enough time to change my other passwords anyway.

What I thought would have taken 30 mins to do, in the end took two evenings ! If anyone else is thinking of using BIOS HDD password for encryption, I would recommend to do it, but let the BIOS set the "user" password, and then just use hdparm to set the master one to what you wish. I wouldn't recommend playing around with security modes and passwords too much, if you mess up a little, you can cause yourself lots of extra work and trouble !
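
The states this post runs into (enabled, locked, frozen, security level high or maximum) can be read from the Security section of `hdparm -I` before any password command is issued. The following is an added example, not part of any post in this thread: the function names `ata_security_state` and `next_step` are hypothetical, and the sample text is constructed to resemble that section for a drive the BIOS has unlocked and then frozen.

```shell
#!/bin/sh
# Constructed sample resembling the Security section printed by `hdparm -I`.
SAMPLE_FROZEN='Security:
    Master password revision code = 65534
        supported
        enabled
    not locked
        frozen
    not expired: security count
        supported: enhanced erase
    Security level high
    2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.'

# Read `hdparm -I` text on stdin and print one summary line.
# Real use (needs root): hdparm -I /dev/sdX | ata_security_state
ata_security_state() {
    awk '
        function yn(v) { return v ? "yes" : "no" }
        /^Security:/        { in_sec = 1; next }
        in_sec && /^[^ \t]/ { in_sec = 0 }   # next unindented heading ends the section
        !in_sec             { next }
        /Master password revision code/ { rev = $NF }
        /Security level/                { level = $NF }   # high or maximum
        {
            neg  = ($1 == "not")             # flags are printed as "not <flag>" when clear
            word = neg ? $2 : $1
            if (word == "enabled")  enabled = !neg
            if (word == "locked")   locked  = !neg
            if (word == "frozen")   frozen  = !neg
            if (word == "expired:") expired = !neg
        }
        END {
            if (level == "") level = "none"  # level line is absent when security is off
            if (rev == "")   rev = "unknown"
            printf "enabled=%s locked=%s frozen=%s expired=%s level=%s master_rev=%s\n",
                   yn(enabled), yn(locked), yn(frozen), yn(expired), level, rev
        }'
}

# Map a summary line to what must happen before passwords can be changed.
next_step() {
    case "$1" in
        *frozen=yes*) echo "power-cycle the drive (suspend/resume): frozen drives reject security commands" ;;
        *locked=yes*) echo "unlock with the user password before changing anything" ;;
        *enabled=no*) echo "security is disabled: no user password protects the drive" ;;
        *)            echo "ready: password changes will be accepted" ;;
    esac
}
```

When passing a password to hdparm on the command line, enclosing it in single quotes stops the shell from interpreting special characters, so no backslash escapes are needed.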

11 Legend • 87.5K Posts • 321.3K Points

February 3rd, 2015 09:00

Passwords can always be removed - if you're looking for data security, no password will provide it.  You'll need to encrypt the drive.

1 Rookie • 10 Posts

February 4th, 2015 01:00

The Intel 530 SSD I've fitted offers Full Disk Encryption. So using a HDD password gives me encryption, with no performance impact. Previously I was using Truecrypt, and this does impact the netbook a little. As it's slow anyway, every little bit helps ! With the SSD it's fast, and secure.

Last night I used Ubuntu and the hdparm program to set the security mode to maximum. This then only allows a master password to erase the disk, but not "use" it. So there would be no back door, and only a user password.


Ho hum ... it didn't go well. I set the user password together with the security mode (I couldn't just change the security mode). My password has characters that need escaping, and I at first didn't use the '\' char to do this. It took me 3 attempts before the command response looked correct for my password.

Success ... so I thought. But after a reboot, I was prompted for the HDD password, as expected. I entered my password in ... but no, it wasn't accepted. Great ! I know what the password is, as I created it.

At first I thought it might be due to the keyboard, and the HDD password entry screen defaults to a US keyboard. But my UK keyboard has the same layout. So I tried all the combinations of my three attempts, with and without escape chars. But no luck.

Highly annoying ! Tonight I'll put Ubuntu on a USB stick, and boot and try and unlock with hdparm. If I can unlock, I'll set a single char password, and then change this via the BIOS.

Hopefully this will work, or my SSD is now a shiny brick. It's my first experiments with an SSD, and it's a small and not so expensive SSD. But it's of course highly annoying, as I spent time setting up dual boot Windows 7 and Ubuntu. I'll have to do that all again with a new SSD if I can't fix this SSD.

It can't be hard to unlock with hdparm, I do know the password after all. So I'm hoping I can recover the SSD.