Is Bios HDD password OPAL secure compliant?

slnacer
slnacer Member Posts: 54 Devotee WiFi Icon
edited August 2023 in 2018 Archives
I see my Acer Aspire E15 series
 ( E5-575-50RM) laptop BIOS supports 3 types of bios passwords (supervisor,user&HDD) . In particular is this HDD password plain ATA security feature for disk or OPAL secure disk compliant to be used with those SSDs like Samsung that are opal secure disk supported?
Please let me know.

Best Answer

  • Commodore_1995#
    Commodore_1995# ACE Posts: 98,332 Trailblazer
    edited September 2018 Answer ✓
    1) To enable the password on boot, you must create a password in the set supervisor password;
    2) I do not know how a live linux session works, because I do not usually use this system! However, if the user has placed the password on the disk in bios and is using the system, any other user may have access to the disk;
    3) the bios password does not interfere with encryption and will not be part of the disk decryption at startup!
    However your device has a tpm chip which is a requirement of encryption programs like bitlocker! Make sure it is turned on in bios! However keep in mind that this does not have to be with the security keys created in bios! Only the tpm resource has to do with encryption on disk!

    Oi! Eu não sou sou a cortana! Mas estou aqui para ajudar! Hi! I'm not the cortana! But I'm here to help!
    Se você gostou da minha resposta, marque como solução clicando em sim! If you liked my answer, mark it as a solution by clicking on yes!
    Aceite somente a resposta que ajudou a solucionar o seu problema! Please accept only the response that helped to solve your problem!
    Detection tool click here to find the serial number or partnumber of your model!                                                          
                                                      
                                                     egydiocoelho Trailblazer
     
    ProductKey clique aqui para descobrir o serial do windows! click here to discover the windows serial!
    Para usuários da comunidade inglesa, espanhola, francesa e alemã, usarei o google tradutor! :)
    For users of the English, Spanish, French and German community, I will be using google translator! :) 

Answers

  • slnacer
    slnacer Member Posts: 54 Devotee WiFi Icon
    Any one can atleast tell me how the HDD password mechanism in BIOS of Acer works in the case of a normal HDD? 
    I.e if I secure a normal HDD via this then does it tie up my HDD to Acer mobo in anyway to be of no use in future on any other laptop even if I remember HDD password?


  • The hd password on bios is not restricted to your hd! It only blocks access to hd on your computer!
    If you remove the hd and put it on another computer, another user will have free access to this disk!
    Oi! Eu não sou sou a cortana! Mas estou aqui para ajudar! Hi! I'm not the cortana! But I'm here to help!
    Se você gostou da minha resposta, marque como solução clicando em sim! If you liked my answer, mark it as a solution by clicking on yes!
    Aceite somente a resposta que ajudou a solucionar o seu problema! Please accept only the response that helped to solve your problem!
    Detection tool click here to find the serial number or partnumber of your model!                                                          
                                                      
                                                     egydiocoelho Trailblazer
     
    ProductKey clique aqui para descobrir o serial do windows! click here to discover the windows serial!
    Para usuários da comunidade inglesa, espanhola, francesa e alemã, usarei o google tradutor! :)
    For users of the English, Spanish, French and German community, I will be using google translator! :) 
  • slnacer
    slnacer Member Posts: 54 Devotee WiFi Icon
    Thanks for taking time to reply . 
    But i doubt that.
     What good of such a HDD password if what  U say is true esp when we already have a specific "user/ password on boot" that gets prompted on boot sequence without entering one can't get past the boot stage itself to use the laptop?
    Imho something gets written to HDD firmware to say it is locked may be along with something in  mobo/bios .
    Anyway my original query also still remains on its behaviour with respect to SSD like Samsung .
  • slnacer
    slnacer Member Posts: 54 Devotee WiFi Icon
    Assuming what U say is true then if a person boots from usb stick a live OS of some kind then with HDD password set will it prevent that user from reading/accessing HDD contents from inside that live session?
    Please correct me if I am wrong here as I haven't tested any of these.
    Just trying to know exact nature of this acer HDD bios password feature & it's usage specifically with a SSD that offers self encryption.
  • I guess I did not explain myself right! Come on:
    a) the set supervisor password option creates an access key to enter the bios, that is, the user will only have access to the bios when entering a password! This option also frees some secret functions in the bios, for example we have the possibility to disable the secureboot!
    When creating a password in the set supervisor password, the functions to create a user password, a password to access the hd and a password to boot!
    b) when creating a user password, you will have access to the basic features of bios!
    c) when creating a password for hd, you will only block the access of that device in bios! If you remove the hd and put it on another computer, any user will have access to that device, because the password is not recorded in hd, but only in bios! The ssd's nvme, are not compatible with creating a password on hd!
    d) when creating a password in the password on boot, any user that has access to your computer, must enter a password before the windows boot!
    However none of these functions is totally safe since, just remove the rtc battery from the motherboard that all bios settings are reset!Digite seu comentário
    Oi! Eu não sou sou a cortana! Mas estou aqui para ajudar! Hi! I'm not the cortana! But I'm here to help!
    Se você gostou da minha resposta, marque como solução clicando em sim! If you liked my answer, mark it as a solution by clicking on yes!
    Aceite somente a resposta que ajudou a solucionar o seu problema! Please accept only the response that helped to solve your problem!
    Detection tool click here to find the serial number or partnumber of your model!                                                          
                                                      
                                                     egydiocoelho Trailblazer
     
    ProductKey clique aqui para descobrir o serial do windows! click here to discover the windows serial!
    Para usuários da comunidade inglesa, espanhola, francesa e alemã, usarei o google tradutor! :)
    For users of the English, Spanish, French and German community, I will be using google translator! :) 
  • slnacer
    slnacer Member Posts: 54 Devotee WiFi Icon
    Ok thanks much for reply.
    But 3 further queries :
      1. I thought "user password" and password on boot as same because "password on boot" shows up in my laptop BIOS as only enable/disable option and that it picks up same user password
    2. So if hd password is set and bios blocks access ,will a live session user from a usb will not see the hd device at all ? If true then fine 
    3.if not nvme but sata based SSD are still allowed to have this hd password does above function change with respect to the SSD that has self encryption already.Will it be of any other  use in taking part in key chain for such sed disk

    Thanks in advance
  • Can you tell the model of your notebook?
    1) The boot password is different from the user password!
    2) If you are on windows 10 and a user connect a usb device, hd will be seen!
    3) It seems to me that ssd sata 3 supports password in hd, but does not replace disk encryption!
    Oi! Eu não sou sou a cortana! Mas estou aqui para ajudar! Hi! I'm not the cortana! But I'm here to help!
    Se você gostou da minha resposta, marque como solução clicando em sim! If you liked my answer, mark it as a solution by clicking on yes!
    Aceite somente a resposta que ajudou a solucionar o seu problema! Please accept only the response that helped to solve your problem!
    Detection tool click here to find the serial number or partnumber of your model!                                                          
                                                      
                                                     egydiocoelho Trailblazer
     
    ProductKey clique aqui para descobrir o serial do windows! click here to discover the windows serial!
    Para usuários da comunidade inglesa, espanhola, francesa e alemã, usarei o google tradutor! :)
    For users of the English, Spanish, French and German community, I will be using google translator! :) 
  • slnacer
    slnacer Member Posts: 54 Devotee WiFi Icon
    1. aspire E5-575-50RM is my model and only I use Ubuntu linux 
    So no windows .
    I get in above model only "password on boot" as an enabled/disabled setting when I enter bios with my set supervisor password.
    2. If a live session user from USB device sees hd atleast in windows as uusay then I assume he or she can read contents of hd too. Then I stay away from using it at all .
    3. It doesn't replace Samsung SSD s own on disk encryption but will it form part of the key chain i.e decrypt process during boot up. ?
    If no then I get my answer to my original query and I need to look for bitlocker like stuff in Linux to use it for Samsung sed ssd

  • Commodore_1995#
    Commodore_1995# ACE Posts: 98,332 Trailblazer
    edited September 2018 Answer ✓
    1) To enable the password on boot, you must create a password in the set supervisor password;
    2) I do not know how a live linux session works, because I do not usually use this system! However, if the user has placed the password on the disk in bios and is using the system, any other user may have access to the disk;
    3) the bios password does not interfere with encryption and will not be part of the disk decryption at startup!
    However your device has a tpm chip which is a requirement of encryption programs like bitlocker! Make sure it is turned on in bios! However keep in mind that this does not have to be with the security keys created in bios! Only the tpm resource has to do with encryption on disk!

    Oi! Eu não sou sou a cortana! Mas estou aqui para ajudar! Hi! I'm not the cortana! But I'm here to help!
    Se você gostou da minha resposta, marque como solução clicando em sim! If you liked my answer, mark it as a solution by clicking on yes!
    Aceite somente a resposta que ajudou a solucionar o seu problema! Please accept only the response that helped to solve your problem!
    Detection tool click here to find the serial number or partnumber of your model!                                                          
                                                      
                                                     egydiocoelho Trailblazer
     
    ProductKey clique aqui para descobrir o serial do windows! click here to discover the windows serial!
    Para usuários da comunidade inglesa, espanhola, francesa e alemã, usarei o google tradutor! :)
    For users of the English, Spanish, French and German community, I will be using google translator! :) 
  • slnacer
    slnacer Member Posts: 54 Devotee WiFi Icon
    1. I have already enabled "password on boot" and set supervisor password too. I use same supervisor password for normal boot up as well as to enter BIOS setup .I guess if one also sets user password then it can also be used to boot up.
    So this got cleared. Thanks

    2. For a live session usb stick based bootup when hdd password is set and that live session user able to see,read hd device location contents worries/baffles me if true. That's why I didn't like HDD bios password at all

    3. Thanks , I will check tpm settings and figure out in Linux opal utilities .
  • Check the settings and show here! But let me ask you: what is the reason for so much concern for hard drive security? Are there any important documents?
    Oi! Eu não sou sou a cortana! Mas estou aqui para ajudar! Hi! I'm not the cortana! But I'm here to help!
    Se você gostou da minha resposta, marque como solução clicando em sim! If you liked my answer, mark it as a solution by clicking on yes!
    Aceite somente a resposta que ajudou a solucionar o seu problema! Please accept only the response that helped to solve your problem!
    Detection tool click here to find the serial number or partnumber of your model!                                                          
                                                      
                                                     egydiocoelho Trailblazer
     
    ProductKey clique aqui para descobrir o serial do windows! click here to discover the windows serial!
    Para usuários da comunidade inglesa, espanhola, francesa e alemã, usarei o google tradutor! :)
    For users of the English, Spanish, French and German community, I will be using google translator! :) 
  • slnacer
    slnacer Member Posts: 54 Devotee WiFi Icon
    I am trying to use my new ssd  disk inbuilt encryption in a way that is simple to setup and use. That's all.
    Thanks for your reply here.