Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000146346

Dell Command PowerShell Provider Hard Drive Password feature

Summary: Learn how to Deploy, Manage, Secure and Virtualize BYOD, Enterprise Client, and Mobility Solutions from Experts and Peers.

This article may have been automatically translated. If you have any feedback regarding its quality, please let us know using the form at the bottom of this page.

Article Content

Symptoms

Affected Products:

  • Dell Command | PowerShell Provider

Cause

Not Applicable

Resolution

In addition to system and admin passwords, hard drive password adds a security layer to the computers to prevent unauthorized access to the hard drive. If the hard drive password is set, then computer generates the hard drive password prompt and verifies the hard drive password during boot.

Important Points

  • If the hard disk is disabled, then corresponding hard drive password setting cannot be accessed using BIOS setup screen (F2).
  • At the time of the hard drive password prompt, if the computer is kept idle for ten minutes, the computer shuts down automatically.
  • If user enters wrong hard drive password three times at POST hard drive password prompt, computer starts acting as if the hard drive is not available.
  • If user enters wrong hard drive password five times at Setup hard drive password prompt, the hard drive no longer accepts password unlock attempts. The drive has to be power cycled in order to allow new password unlock attempts.
  • If the user presses ESC key at the hard drive password prompt, the computer starts acting as if the hard drive is not available.
  • Hard drive password prompt occurs only from hibernate (s4) or power off (s5) state.
  • If the system and hard drive password both are the same, then after giving the correct password during boot, the hard drive password prompt gets bypassed automatically.

Secure Erase

UEFI BIOS supports the Secure Erase feature in order to provide more security to the data stored in the hard drive. If this feature is enabled on your hard drive, Secure Erase wipes all data from the hard disk when it is unlocked using the master password. While setting the hard drive password, the computer prompts to enable the support for a Secure Erase feature.

Internal HDD-1 Password
Figure 1: (English Only) Internal HDD-1 Password

After clicking on yes, the computer again prompts for confirmation of enabling the support for a Secure Erase feature.

Security Erase
Figure 2: (English Only) Security Erase

Master hard drive Password

Master hard drive password is used to clear the hard drive password in case the hard drive password is set but unknown. The master hard drive password is a secure password generated by Dell using secure algorithms involving the hard drive serial number. Master hard drive password can be entered at the hard drive password prompt using CTRL + Enter. Master hard drive Passwords are only given on a needed basis to customers and others.

Note: If secure erase is enabled for hard drive, the computer will start to secure erase hard drive after entering master hard drive password.

Configuring hard drive password You can set, modify, and clear hard drive password using Dell Command | PowerShell Provider (DCPP). You can also verify whether the computer has hard drive password set, Secure Erase feature support, and so forth, using HDDInfo. To know more about installing and configuring the Dell Command | PowerShell Provider module on your computer, reference the Download and Installation section in the user guide.

Note:
  • Dell Command | PowerShell Provider configures the same password for all hard disks present in the machine. Use the BIOS setup screen (F2) to configure different passwords for different hard disks.
  • Hard drive password configuration operation requires a computer restart to apply the changes.

HDDInfo

  • HDDInfo provides the information about hard disks present in the machine. It displays the following information:
  • Hard drive Name — The name of the hard drive
  • Present — Whether the hard drive is physically present.
  • PwdProtected — Whether a password exists for the hard drive.
  • PendingRestart — Whether a reboot is pending to set the password.
  • AdminOnlyChange — Whether the changes to the password have to be made by an administrator only or not.
  • SecureEraseSupported — Whether hard drive Secure Erase is supported.
  • SecureEraseEnabled — Whether hard drive Secure Erase is enabled. Hard Disk Name

To get this information using Dell Command | PowerShell provider, run the following command:

Get-Item -Path DellSmbios:\Security\HDDInfo | Select -ExpandProperty CurrentValue
Note: The image displays the behavior of Dell Command | PowerShell Provider when using above command on a computer having two hard disks.

ExpandProperty CurrentValue
Figure 3: (English Only) ExpandProperty CurrentValue

In the image above, no password is set for both hard disks and other fields are also showing no.

Setting hard drive Password

A hard drive password contains a minimum 1 and a maximum 32 characters. To set the password, use the following command:

Set-Item -Path DellSmbios:\Security\HDDPassword "$HDDPwd"

SecureErase Supported
Figure 4: (English Only) SecureErase Supported

As we can see from the image above, pending restart for both the hard disks is showing Yes. Restart the computer to apply the changes. The computer prompts during boot as shown below, after restarting.

Dell Security Manager
Figure 5: (English Only) Dell Security Manager

To apply the change or to configure the hard drive password, click Modify. Click Ignore to cancel the changes. The computer prompts for each hard disk separately. If you click Modify, HDDInfo displays the information as shown in the image below.

SecureEraseEnabled
Figure 6: (English Only)SecureEraseEnabled

Note: If you have an admin or computer password set on your computer, then provide the admin or computer password while configuring the hard drive password using the following commands:

If the admin password is set,

Set-Item -Path DellSmbios:\Security\HDDPassword "$HDDPwd" -Password "$AdminPwd"

If the computer password is set,

Set-Item -Path DellSmbios:\Security\HDDPassword "$HDDPwd" -Password "$SystemPwd"

Modifying/Clearing hard drive Password

To modify the hard drive password, run the following command:

Set-Item -Path DellSmbios:\Security\HDDPassword "$NewHDDPwd" -Password "$OldHDDPwd"

To clear hard drive password, run the following command:

Set-Item -Path DellSmbios:\Security\HDDPassword "" -Password "$OldHDDPwd"
Note: Restart the computer to apply the changes.

Other Parameters of hard drive password

Dell Command | PowerShell Provider supports two additional parameters to configure the hard drive password.

  • AdminPassword - Provide Admin password by using AdminPassword parameter if administrator has restricted the changes to hard drive password.
To provide this parameter, run the following command: 
Set-Item -Path DellSmbios:\Security\HDDPassword "$HDDPwd" -AdminPassword "$AdminPwd"
  • ATAMaximumSecurityMode - Provide value to this parameter either as 0 or 1. To configure HHD password in a maximum-security mode (Secure Erase), provide value as 1 to this parameter.
To provide this parameter, run the following command. 
Set-Item -Path DellSmbios:\Security\HDDPassword "$HDDPwd" -ATAMaximumSecurityMode "1"

Path Dellsmbios
Figure 7: (English Only) Path Dellsmbios

Additional Information

Related Articles:

Article Properties

Affected Product

Dell Command | Powershell Provider

Last Published Date

11 Sep 2023

Version

6

Article Type

Solution

Back to Top