10.5 Hard Disk Security Features
Hard Disk Security uses the Security Mode feature commands defined in the ATA
specification. This functionality allows users to protect data using drive-level passwords.
The passwords are kept within the drive, so data is protected even if the drive is moved
to another computer system.
The BIOS provides the ability to 'lock' and 'unlock' drives using the security password. A
'locked' drive will be detected by the system, but no data can be accessed. Accessing
data on a 'locked' drive requires the proper password to 'unlock' the disk.
The BIOS enables users to enable/disable hard disk security for each hard drive in
setup. A master password is available if the user can not remember the user password.
Both passwords can be set independently however the drive will only lock if a user
password is installed. The max length of the passwords is 32 bytes.
During POST each hard drive is checked for security mode feature support. In case the
drive supports the feature and it is locked, the BIOS prompts the user for the user
password. If the user does not enter the correct user password within five attempts, the
user is notified that the drive is locked and POST continues as normal. If the user enters
the correct password, the drive is unlocked until the next reboot.
In order to ensure that the ATA security features are not compromised by viruses or
malicious programs when the drive is typically unlocked, the BIOS disables the ATA
security features at the end of POST to prevent their misuse. Without this protection it
would be possible for viruses or malicious programs to set a password on a drive
thereby blocking the user from accessing the data.
Copyright © 2006 congatec AG
X945m13
101/102