"Dr. Phil" said in news:
[email protected]:
it won't work anyway...these newsgroups are infamous for telling
folks how to bypass a password...so why bother....
And how do you "bypass" a password that is in the BIOS? If you set a password in BIOS, it should apply both against starting the machine AND to let you into the BIOS. Typically you get to set 2 different levels of passwording in the BIOS. One is for "system" that halts getting past the POST. The other is "setup" which prevents you from ever getting into the BIOS and also prevents you getting past the POST. Without the system getting to a point where an OS could be loaded, just how are you then going to run a cracker program against the password? With a "setup" password enabled, you cannot get into the BIOS to change it without already knowing the password.
That caveat is that you don't allow someone physical access *inside* your computer where they may find a 2-pin jumper to clear the CMOS or temporarily remove the battery so CMOS gets cleared. The defaults for most BIOSes is to *not* enable any passwording; otherwise, even a new user of a brand new motherboard couldn't make use of the effectively DOA motherboard. If the computer is in a physically secure location then the BIOS password is effective but only if you use the "setup" password option to also prevent them from getting into the BIOS to change it. Letting anyone get into BIOS is the same as giving every user account administrator privileges: you've left it wide open for anyone to change. If the computer is not in a physically secure location, there are kits you can purchase that will let you lock the case so it cannot be opened (well, it cannot be opened without causing lots of physical damage). I still lock my house and car although a crowbar easily removes the provided "breakouts" (i.e., windows). Obviously it would be stupid to lock my car and then leave the keys on the wiper blade so anyone could use them to get into the car, so obviously don't store the security kit keys for your computer case at the computer. I remember when there used to be keylock on the front to lockout the keyboard but guess where most users left the key? Yep, right in the lock itself. (Yeah, I know these keys were very simplistic and could easily be picked or a key from another system used but my point is to not leave any "key" with the computer, including sticky notes on the monitor or under the keyboard telling of your login password.)
Although I have Windows 2000 and Windows XP on my computer, I also have Windows 98, Windows ME, and even a DOS-only partition which obviously have no security. The BIOS "setup" password provides for password security so no one but me can startup my system. On hosts at work outside our secure lab, we also use lockdown kits to prevent physical entry inside the case. These not only prevent access to inside the case but also provide a deterrent to the case "wandering off", parts being "borrowed", or unauthorized "temporary [ab]use".
