Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Every BIOS that I've seen has the option of setting a password to restrict access to the BIOS setup utility. Do you use it? Only on certain machines? Any stories?
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by frankbell
If I have a bad guy in my house accessing my computer BIOS, I have security problems that go beyond passwords.
Exactly my thoughts.
I do actually encrypt the home partition of my netbook in case it is stolen (I have some personal information on there). However, since it's a personal machine I don't feel there is much risk of a bad guy installing a rootkit on it if I leave it on the table of a restaurant when I go to the lavatory or even if I leave it laying around in a hotel room.
My vote is no password for BIOS because it's really not a secure thing anyways.
I keep my sensitive data on a external encrypted drive and hope for the best.
However, If the encryption has a security flaw and a knowledgeable person knows how to exploit it then we're screwed.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by ${i}
However, If the encryption has a security flaw and a knowledgeable person knows how to exploit it then we're screwed.
I don't worry about this as anyone likely to be able to crack the encryption will either not need to as they have bigger fish to fry, already have the information I've encrypted or both.
Has there ever been an instance of some form of intrusion from a network based entity which has aversely affected someone's BIOS? Or further has there ever been an instance where a program has aversely affected someone's BIOS?
I fully get that you can screw up your BIOS if you enter the BIOS setup; worst case to the extent that you'd force all the settings to maybe cause the system to not boot and then set the password to something difficult.
I think if there were some widespread problems of BIOS intrusion via off system means, then yes maybe people might pay some attention to it.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
I think one of the main reasons for setting the BIOS password is to make it more difficult for a bad guy to change the boot order and install a root kit or steal data.
My only reason for setting the password is to keep some casual prankster from setting one. I set only the Admininstator password, not the boot password.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by rknichols
My only reason for setting the password is to keep some casual prankster from setting one. I set only the Admininstator password, not the boot password.
That's a good point. Might have to ensure I set one in future.
Distribution: openSuSE Tumbleweed-KDE, Mint 21, MX-21, Manjaro
Posts: 4,629
Rep:
Quote:
Originally Posted by rknichols
My only reason for setting the password is to keep some casual prankster from setting one. I set only the Admininstator password, not the boot password.
I don't set it -- now I'll have to think about it. Thanks for giving your reason.
I generaly set two options on my computers. I not only restrict acess to the BIOS, I also set the password that keeps the computer from booting at all. Better safe than sorry is my mantra!
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.