2
We talking about a T500 Lenovo notebook, but take the question generally.
So: I have a BIOS password, a Windows password, a Boot password.
Does that mean my HDD is hardware encrypted and I'm safe or I should use TrueCrypt too for 100% security? (If there is a way to get around the basic Lenovo/Windows stuff, I'll encrypt it with Truecrypt, concentrate on this.)
Apache
Posted 2011-01-17T15:34:20.400
Reputation: 14 755
3
The HDD is not encrypted, only password protected. The BIOS password is very hard, if not impossible to crack. An employee got fired from the data center I work at and had set a BIOS password. I tried everything I could think of to hack the password, including disconnecting the CMOS battery, brute force, and I don't remember the rest because it was about a year ago. The Windows password can easily be hacked with a tool discussed in this superuser answer. I have never had a reason to hack a boot password.
I think you would be pretty safe, but just to be on the safe side, I would use TrueCrypt or another encryption software.
David
Posted 2011-01-17T15:34:20.400
Reputation: 6 975
AFAIK, BIOS passwords do not survive a CMOS reset (via the jumper). I'm not sure if that option exists on a Laptop. – Bobby – 2011-01-17T15:59:58.160
3Lenovo laptop's have a separate place that stores the password for the BIOS, which makes it near impossible to override. – mickburkejnr – 2011-01-17T16:07:10.117
You are correct @mickburkejnr, just as I described in the answer. Thank you for supporting my answer. – David – 2011-01-17T16:22:19.563
anytime :). I'm the proud owner of an IBM ThinkPad (built by Lenovo) so I have good experience with using them! – mickburkejnr – 2011-01-17T16:33:19.397
There is a way to clear the BIOS password on a ThinkPad, but yeah, clearing the CMOS won't do it. (And I'm not about to tell you how to do it, but it's not for the faint of heart anyway.) If there's a BIOS supervisor password set, there's absolutely NO WAY to clear that, period, no matter what. – Shinrai – 2011-01-17T16:40:15.817
3
Whole-disk encryption is generally provided either by the Operating System (i.e.: Windows BitLocker) or by third-party software such as TrueCrypt.
None of password protection methods you've described typically result in encryption of the data. In the end, if someone wants to get at the data of your machine in its current state, all they need to do is remove the hard drive and load it in a system they control.
Even in the same system, they could still use a boot disk to load their own environment on your computer. While the BIOS and boot-time passwords offer some level of protection against this, physical access to the system typically makes these measures trivial to override.
Iszi
Posted 2011-01-17T15:34:20.400
Reputation: 11 686
But ... I have tried to crack a HDD like that. Couldn't find any reference, bruteforcer or something. If you remove the hard-drive from the laptop and install it in a PC, it won't add it as a single NTFS drive. You have to enter the password in some way. – Apache – 2011-01-17T16:44:22.227
@Shiki - It sounds like you are now talking about a different HDD, from a different configuration. It is possible that the drive you're now referencing was actually encrypted, or used some file system that the host did not recognize. Or, perhaps the drive was damaged beyond readability. – Iszi – 2011-01-17T20:58:00.553
The drive was in an Acer laptop, and only had a HDD password from the BIOS. It wasn't damaged, the owner could boot it anytime. Also, it had NTFS, perfectly find NTFS. It just completely locks the HDD when you input a password there. I tried googleing all-day how could I crack it but people said its even impossible if you replace the (HDD) drive mechanism. – Apache – 2011-01-18T15:05:36.880
I don't think hard disk would be encrypted – Sathyajith Bhat – 2011-01-17T15:40:00.713
I'm trying to look around at Lenovo's / WD's website but they don't even mention encryption at hard-drive manufacturers. Is it that rare? – Apache – 2011-01-17T15:43:23.853
ThinkPads do support hardware drive encryption, but those drives are an expensive option you probably don't have. – Shinrai – 2011-01-17T16:40:41.340