Question: I have a Dell Latitude E6400 and I would like to know how secure setting a BIOS HDD Password is? Does this apply some form of encryption to the contents of the drive or is it just some simple lock on accessing the drive? I.e. if the notebook was lost or stolen could the data on it be accessed by someone with a bit of know-how?
Answer: BIOS passwords are simple locks. If you don’t provide the password, the BIOS simply stops and doesn’t continue the boot process.
There are two ways to get around this simple lock:
1. Clear the BIOS/CMOS memory (usually requires direct motherboard access).
2. Remove the drive and connect it to another computer (easier).
Update: As Blackbeagle’s answer mentions, there is a HDD password defined as part of the ATA specifications. This is also a simple lock, but it’s implemented in the drive, so neither of the above steps will bypass it. Some technical knowledge (and possibly some additional hardware) is required. You might be interested in this primer article on HDD passwords.
The BIOS lock is a decent deterrent in any number of movie-plot scenarios: someone with limited technical knowledge, or situations where the attacker can access the computer but doesn’t have time or freedom enough to take it apart. If you’re just trying to prevent your co-worker or family member from access, this works. However, this is not a significant deterrent for a determined attacker or someone who has unlimited physical access.
The ATA-level lock is a better deterrent, but it isn’t perfect. Again, a determined attacker, given enough time, will get your data.
Full-disk encryption is available, and provides better protection. Self-encrypting drives that do this in hardware exist, and there are plenty of software options. Data encryption makes it much more difficult for an attacker to get your data, but there are always ways to get around encryption. (In particular, beware of Lead-Pipe Cryptanalysis.)
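
To check which of the locks discussed above a given drive actually has, the following added example (not part of the original answer) decodes the security status word (word 128) of a 512-byte ATA IDENTIFY DEVICE response. The function names and the sample buffers are constructed for illustration; on Linux, `hdparm -I` reports the same flags in its Security section.

```python
import struct

# Bit layout of ATA IDENTIFY DEVICE word 128 (security status).
SECURITY_BITS = {
    0: "supported",                 # drive implements the ATA security feature set
    1: "enabled",                   # a user password is set
    2: "locked",                    # media access refused until unlocked
    3: "frozen",                    # security commands rejected until power cycle
    4: "count_expired",             # too many failed unlock attempts
    5: "enhanced_erase_supported",
}

def ata_security_status(identify: bytes) -> dict:
    """Decode word 128 from raw IDENTIFY DEVICE data (256 little-endian words)."""
    if len(identify) != 512:
        raise ValueError("IDENTIFY DEVICE data must be exactly 512 bytes")
    (word128,) = struct.unpack_from("<H", identify, 128 * 2)
    status = {name: bool((word128 >> bit) & 1) for bit, name in SECURITY_BITS.items()}
    # Bit 8: master password capability, 0 = High, 1 = Maximum.
    status["master_password_capability"] = "maximum" if (word128 >> 8) & 1 else "high"
    return status

def describe(status: dict) -> str:
    """Summarise the drive-level lock state in the terms used in the answer."""
    if not status["supported"]:
        return "no ATA security feature set reported by this drive"
    if not status["enabled"]:
        return ("no drive-level lock set; moving the drive to another "
                "computer bypasses a BIOS boot password")
    state = "locked" if status["locked"] else "unlocked"
    return f"ATA password set ({state}); this is an access lock, not encryption"

def make_sample(word128: int) -> bytes:
    """Constructed sample: an otherwise empty IDENTIFY buffer with word 128 set."""
    buf = bytearray(512)
    struct.pack_into("<H", buf, 128 * 2, word128)
    return bytes(buf)

if __name__ == "__main__":
    for word in (0x0000, 0x0021, 0x0027):  # constructed sample values
        print(hex(word), "->", describe(ata_security_status(make_sample(word))))
```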