9
2
Hi I am going on vacation. I wanna secure my PC. Is there any way I can lock down my PC so that nobody can boot up it? Any BIOS level security?
BTW. I am running Windows 7 Ultimate.
9
2
Hi I am going on vacation. I wanna secure my PC. Is there any way I can lock down my PC so that nobody can boot up it? Any BIOS level security?
BTW. I am running Windows 7 Ultimate.
14
The most secure: Take the hard drive out and put it somewhere safe.
Next best: Most BIOSes have security options for requiring passwords to boot up.
10However, the BIOS password is trivial to reset if someone can open the PC case (at least in most desktop PCs; some notebooks have much better security, which results in expensive service if the BIOS password is forgotten). – Sergey Vlasov – 2010-12-14T20:52:53.620
Make sure you have a good backup before doing anything with the hard disk that increases the risk of it being dropped, lost or zapped by static electricity. Why not just leave the PC with a trusted friend or lock it in a cupboard? Worse case, take it to a mailbox company or left luggage place and stow it. – Linker3000 – 2010-12-14T21:06:08.353
2+1 for 'just take the hard drive and lock it up someplace'. – Shinrai – 2010-12-14T23:38:12.160
7
Physical access trumps most preventative measures you may put in place on your system, if the attacker knows what they're doing. There's a few options for preventing unauthorized boot-up of your system and access to your data. The following may be performed individually, or all together.
2I'd wager that the chances of you losing/dropping/bashing your hard drive/luggage are far higher than some burglar breaking into your house whilst you're away and booting up your PC. +1 for encryption and bios password though. – RJFalconer – 2010-12-14T23:41:19.790
1Instead of taking the drive on the road, consider simply hiding it in a closet or a drawer. If the computer does happen to get stolen, the drive might still be around. Alternatively, if you have a safe, use that. – JYelton – 2010-12-15T00:04:30.293
1@RJFalconer - I'd wager the OP is more concerned about insider threats (i.e.: kids that are supposed to be grounded, nosy roommates, etc.) than burglars. – Iszi – 2010-12-15T01:12:01.150
3
Setup full disk encryption using something like Truecrypt. http://www.truecrypt.org/ With a strong password your data will be very safe from other people. They can destroy it, to prevent loss, make a backup, and store it somewhere else, also encrypted.
2
If your BIOS supports it you can set a boot password. You can also turn on user account passwords by running control userpasswords2
from the start bar and setting up the accounts appropriately.
How will i come to know if BIOS supports? I have windows 7 Ultimate running on i7 – learner – 2010-12-14T20:50:29.500
When you reboot your computer you will have to follow its on-screen instructions to setup the BIOS. – Mike Chess – 2010-12-14T21:20:41.823
3@learner - 99.999999% of BIOSes support boot passwords. It's just a matter of knowing how to do it. For this, we would need the PC make/model and/or motherboard make/model. The BIOS is separate from the OS. – Iszi – 2010-12-14T22:14:56.230
Adding passwords to user accounts in Windows is only marginally secure. Unless you encrypt the files on disk, simply removing the drive and accessing it with a different computer is enough to bypass Windows user passwords (not to mention a plethora of utilities designed to circumvent NTLM passwords). – JYelton – 2010-12-15T00:06:17.000
3If someone wants your data, they will remove the HD and plug it in their computer. Options are to encrypt the drive, or to physically remove it yourself, like all the other posts have mentioned. – ja72 – 2010-12-15T05:40:10.593
1If this is just to prevent someone at home from hacking your machine, then just unplug the power supply from the motherboard and lock the chassis. Nobody will be able to turn it on without obviously damaging the chassis, and it may be enough to deter a nosey person. – Django Reinhardt – 2011-03-08T14:51:19.103