Copyright
©
2013
congatec
AG
TU87m10
107/108
11.3
BIOS Security Features
The BIOS provides a setup administrator password that limits access to the BIOS setup menu.
11.4
Hard Disk Security Features
Hard Disk Security uses the Security Mode feature commands defined in the ATA specification. This functionality allows users to protect data
using drive-level passwords. The passwords are kept within the drive, so data is protected even if the drive is moved to another computer
system.
The BIOS provides the ability to ‘lock’ and ‘unlock’ drives using the security password. A ‘locked’ drive will be detected by the system, but no
data can be accessed. Accessing data on a ‘locked’ drive requires the proper password to ‘unlock’ the disk.
The BIOS enables users to enable/disable hard disk security for each hard drive in setup. A master password is available if the user can not
remember the user password. Both passwords can be set independently however the drive will only lock if a user password is installed. The
max length of the passwords is 32 bytes.
During POST each hard drive is checked for security mode feature support. In case the drive supports the feature and it is locked, the BIOS
prompts the user for the user password. If the user does not enter the correct user password within four attempts, the user is notified that the
drive is locked and POST continues as normal. If the user enters the correct password, the drive is unlocked until the next reboot.
In order to ensure that the ATA security features are not compromised by viruses or malicious programs when the drive is typically unlocked,
the BIOS disables the ATA security features at the end of POST to prevent their misuse. Without this protection it would be possible for viruses
or malicious programs to set a password on a drive thereby blocking the user from accessing the data.
