March 3rd, 2015 05:00
How to remove BIOS master password?
Hello,
I noticed that some Dell laptops (in my case Inspiron 7520) have a dirty secret "feature" in their BIOS to allow a password recovery. Basically as I understand it, the procedure goes like this: you contact Dell technical support, you give them your service code and after verifying you they give you a special "master password" that bypasses the existing password and unlocks your BIOS.
Very nice and all except that this is a complete security disaster. What purpose does the original BIOS password protection even serve, if the security can be easily bypassed like this by anyone who knows the master password that cannot be changed? So as a result I am looking for a way to disable and destroy the master password for my laptop so that it can no longer be unlocked this way.
What's the correct way to do this? Is there a bios update that disables this master password backdoor? I'm definitely hoping this vulnerability can be patched somehow.
Thanks



ejn63
March 3rd, 2015 06:00
There is no way to disable the feature and keep the password - nor would it make much sense to do so, since Dell won't assist anyone other than the verified owner of the system.
If you're concerned about the data on the system, consider encryption of the hard drive/SSD -- that can be rendered virtually unbreakable, even for a determined thief.
jskoc
March 3rd, 2015 23:00
Sorry, but I'm a paranoid person.
No, I do not wish to keep the master password, I wish to disable it so that only the password that I myself entered in the BIOS will work, but no other. So basically you're saying that Dell isn't interested in helping me improve the security of my laptop?
It would seem that the only way to do so is to manually perform BIOS modding and I might just have to do that then. Have you ever wondered what code runs in your firmware and what it does? I've already dumped and disassembled the firmware image from the two Winbond SPI flash chips on the motherboard, and now it's time to reveal your secrets! Hello there, CompuTrace, I won't miss you after you're gone from my BIOS.
Also, I'm aware encrypting can protect you from a determined thief, but what about a determined government?
ejn63
March 4th, 2015 04:00
Even if you succeed in removing the backdoor master code, it is still possible to get into the system by replacing the BIOS chip itself.
jskoc
March 4th, 2015 22:00
Yes, and that will be visible to me because I use a lot of tamper-evident stickers on my laptop.