Do you set your BIOS password?
 

Every BIOS that I've seen has the option of setting a password to restrict access to the BIOS setup utility. Do you use it? Only on certain machines? Any stories?

If I have a bad guy in my house accessing my computer BIOS, I have security problems that go beyond passwords.

If I were in the Enterprise, I might have a different take.

Edit: If I were setting up kiosk machines for public use and the public might have access to the power button, I might also have a different take.

Not on any of my computers. If they were public use, then you should and more. I would even disable USB for public computers.

Exactly my thoughts.
I do actually encrypt the home partition of my netbook in case it is stolen (I have some personal information on there). However, since it's a personal machine I don't feel there is much risk of a bad guy installing a rootkit on it if I leave it on the table of a restaurant when I go to the lavatory or even if I leave it laying around in a hotel room.

My vote is no password for BIOS because it's really not a secure thing anyways.

I keep my sensitive data on a external encrypted drive and hope for the best.
However, If the encryption has a security flaw and a knowledgeable person knows how to exploit it then we're screwed.

I don't worry about this as anyone likely to be able to crack the encryption will either not need to as they have bigger fish to fry, already have the information I've encrypted or both.

Not in my all computers. But just encrypted HDs.

On portables I do

No, never.

Has there ever been an instance of some form of intrusion from a network based entity which has aversely affected someone's BIOS? Or further has there ever been an instance where a program has aversely affected someone's BIOS?

I fully get that you can screw up your BIOS if you enter the BIOS setup; worst case to the extent that you'd force all the settings to maybe cause the system to not boot and then set the password to something difficult.

I think if there were some widespread problems of BIOS intrusion via off system means, then yes maybe people might pay some attention to it.

I think one of the main reasons for setting the BIOS password is to make it more difficult for a bad guy to change the boot order and install a root kit or steal data.

My only reason for setting the password is to keep some casual prankster from setting one. I set only the Admininstator password, not the boot password.

That's a good point. Might have to ensure I set one in future.

Only on my laptop.

But, if my laptop is stolen, the security of the BIOS is probably the least of my worries.

I don't set it -- now I'll have to think about it. Thanks for giving your reason.

I generaly set two options on my computers. I not only restrict acess to the BIOS, I also set the password that keeps the computer from booting at all. Better safe than sorry is my mantra!

Nbiser

It depends on whether I live alone or not. I lived with other people for pretty much all my life and I had password set in BIOS for both booting and entering setup. But now I live alone and I don't have password anymore.

Wow some of you don't trust the people you live with, eh? But I understand that if there are situations like roommates or other people who might be inclined to play games with you. Worst I had to deal with was a teen who was punished with no electronics, internet, etc and they reset the router to defaults to gain access. That solution was a case of lock, key, and a longer duration of punishment.

I've already voted "no", never at work, never at home. Someone at work pulls that stunt, they risk the possibility that we'd order an immediate replacement and lose the time due to set up and re-establishment of a system, thus putting some prankster in the uncomfortable place of having to fess up to causing all that. And then they'd probably get fired for being an idiot. I guess also that I work with people who are a tad more busy and professional where this isn't even an issue that I'd conceive anyone taking their time to do.

I think it is more about not wanting to worry than not wanting to trust. Certainly I will be pissed off if I find out someone has tampered with my system, and they I will take measures. Or I could take measures before it happens and then I won't get pissed off, and someone's reputation with me won't be tarnished.

I think I'll leave the password off, because I want to know who I can trust more than I care about a stupid BIOS password that can be easily reset.

I'm with you, you cant even boot my portable without a password. Locks keep honest people honest.

Noooooo

I have had this experience - I think! Years ago (like mid 1990's) I set up what was then a primary workstation in a shared office facility not controlled by myself for a few weeks while working on a project.

After returning the machine to my own office, I was blocked by a password request!

I removed the CMOS battery and jumpered the line to ground, reset to defaults and started life over. I never knew for sure who or how, but for a while afterward I always set my own BIOS password for that reason... but I have dropped the habit, not much of an issue for me these days.