Do you set your BIOS password?

maples · 07-12-2014, 06:12 PM

Every BIOS that I've seen has the option of setting a password to restrict access to the BIOS setup utility. Do you use it? Only on certain machines? Any stories?

frankbell · 07-12-2014, 06:34 PM

If I have a bad guy in my house accessing my computer BIOS, I have security problems that go beyond passwords.

If I were in the Enterprise, I might have a different take.

Edit: If I were setting up kiosk machines for public use and the public might have access to the power button, I might also have a different take.

metaschima · 07-12-2014, 07:06 PM

Not on any of my computers. If they were public use, then you should and more. I would even disable USB for public computers.

273 · 07-12-2014, 07:40 PM

Quote:

Originally Posted by frankbell

If I have a bad guy in my house accessing my computer BIOS, I have security problems that go beyond passwords.

Exactly my thoughts.
I do actually encrypt the home partition of my netbook in case it is stolen (I have some personal information on there). However, since it's a personal machine I don't feel there is much risk of a bad guy installing a rootkit on it if I leave it on the table of a restaurant when I go to the lavatory or even if I leave it laying around in a hotel room.

${i} · 07-12-2014, 08:03 PM

My vote is no password for BIOS because it's really not a secure thing anyways.

I keep my sensitive data on a external encrypted drive and hope for the best.
However, If the encryption has a security flaw and a knowledgeable person knows how to exploit it then we're screwed.

273 · 07-12-2014, 08:06 PM

Quote:

Originally Posted by ${i}

However, If the encryption has a security flaw and a knowledgeable person knows how to exploit it then we're screwed.

I don't worry about this as anyone likely to be able to crack the encryption will either not need to as they have bigger fish to fry, already have the information I've encrypted or both.

kooru · 07-14-2014, 12:48 AM

Not in my all computers. But just encrypted HDs.

Germany_chris · 07-14-2014, 07:31 AM

On portables I do

rtmistler · 07-14-2014, 07:55 AM

No, never.

Has there ever been an instance of some form of intrusion from a network based entity which has aversely affected someone's BIOS? Or further has there ever been an instance where a program has aversely affected someone's BIOS?

I fully get that you can screw up your BIOS if you enter the BIOS setup; worst case to the extent that you'd force all the settings to maybe cause the system to not boot and then set the password to something difficult.

I think if there were some widespread problems of BIOS intrusion via off system means, then yes maybe people might pay some attention to it.

273 · 07-14-2014, 08:56 AM

I think one of the main reasons for setting the BIOS password is to make it more difficult for a bad guy to change the boot order and install a root kit or steal data.

rknichols · 07-14-2014, 10:00 AM

My only reason for setting the password is to keep some casual prankster from setting one. I set only the Admininstator password, not the boot password.

273 · 07-14-2014, 11:38 AM

Quote:

Originally Posted by rknichols

My only reason for setting the password is to keep some casual prankster from setting one. I set only the Admininstator password, not the boot password.

That's a good point. Might have to ensure I set one in future.

spatmur · 07-15-2014, 02:19 PM

Only on my laptop.

But, if my laptop is stolen, the security of the BIOS is probably the least of my worries.

JZL240I-U · 08-11-2014, 02:47 AM

Quote:

Originally Posted by rknichols

My only reason for setting the password is to keep some casual prankster from setting one. I set only the Admininstator password, not the boot password.

I don't set it -- now I'll have to think about it. Thanks for giving your reason.

Nbiser · 08-12-2014, 09:39 AM

I generaly set two options on my computers. I not only restrict acess to the BIOS, I also set the password that keeps the computer from booting at all. Better safe than sorry is my mantra!

Nbiser