Thinkpads Forum

That oval blurb sits there for around 90 seconds before the next blurb comes up on my new T60 asking me to do a fingerprint swipe. Is this a configuration issue or normal?

Honestly, at this point I need a serious primer on T60 security. There are so many things and at this point I have simply done what it seems I have to do to start configuring the machine, installing my applications, load data, etc. I registered all 10 fingers, have a Windows password, an administrator password, but am afraid to do anything else until I know what I'm doing. I have not done any of the BIOS password stuff (went in there and had a sniff, but don't know what that's about), don't know what a Supervisor Password is, etc. Where can I look to get a grounding on the security features of the TP? I need to know what I'm doing and, of course, I don't want to screw things up.

Thanks!

This one of the reasons that let me disable the security chip
a great feature but makes the system slow.

nxman wrote:This one of the reasons that let me disable the security chip
a great feature but makes the system slow.

Thanks. So... you disable it where? In the BIOS?

T60 1953CTO T5500 GMA950 60 GB 5400 XP Pro Fingerprint Sensor CDRW/DVDR 6 Cell Li-ion

Muse wrote:

nxman wrote:This one of the reasons that let me disable the security chip
a great feature but makes the system slow.

Thanks. So... you disable it where? In the BIOS?

T60 1953CTO T5500 GMA950 60 GB 5400 XP Pro Fingerprint Sensor CDRW/DVDR 6 Cell Li-ion

May want to check out my post/reply in this topic:

http://forum.thinkpads.com/viewtopic.php?t=34524

My boot up is at 1:41 now.. with all of the security stuff running

From the bios

Here are a few suggestions from my own experiences with the Thinkpad security settings:

- if you aren't using the advanced security settings (like saving passowords in the CSS software) the use of the security chip (and the CSS software really) is not really necessary.
- You can still use the fingerprint software for logon passwords even if you are not using the security chip or CSS
- The reasons for setting a BIOS password are so that nobody can enter the BIOS on your computer during boot up and change the settings. If you are just using a windows logon password then this really isn't a big issue. The main features in the BIOS that you wouldn't want changed are if you have set up a hard disk or power on password

For the BIOS, there are three main passwords that can be ste.
- The first is the overall supervisor password which controls any access to the BIOS settings
- The second is a power on password that if its set will not allow the entire system to power up without the passowrd
- The third is a hard disk password which will not allow the hard disk to be accessed without the password.
If you set either the hard disk or power on passwords then you can go into the fingerprint software settings and tell the software to use a fingerprint scan to replace these passwords. You can also set it to use only one fingerprint scan for both the power on and windows logins.

In my case, I travel a lot and I was worried about having my computer stolen with financial data on it. I therefore went into the BIOS and set both a supervisor password and hard disk password. I have set the fingerprint software to enter the hard drive password and windows logon passowrd from a single scan. Now, if my computer was stolen they would not be able to access my hard drive. They could however install a new hard drive and still use my computer because I did not set a power on password. Keep in mind that if you set a hard drive password make sure to remember it as the hard drive is useless without it.

If you aren't particularly concerned about the data on you hard disk a Windows password will be fine just to prevent others from using your computer. However, with just a Windows password somebody could take the hard drive out and access it as a second drive in another Windows system with full access to the data.

I hope this helps

The security software is completely useless for the average user not using the machine for work. The finger print reader can still be used without the software to log into windows etc.

Removing it is ideal for anyone not using this machine to hold secret data. It improves bootup speeds a lot.

af22 wrote:The security software is completely useless for the average user not using the machine for work. The finger print reader can still be used without the software to log into windows etc.

Removing it is ideal for anyone not using this machine to hold secret data. It improves bootup speeds a lot.

Um, the idea here is what? Go into Add/Remove programs and uninstall Client Security Solution and then install your own firewall, say a recent version of Zonealarm? TIA.

Anyone?

From the ThinkVantage Rescue and Recovery User's Guide:

Software installed is...
Rescue and Recovery 3.0 and Client Security Solution 6.0

And you want...
Rescue and Recovery 3.0

Follow this process
1. Select Modify from Add/Remove programs.
2. Remove the Client Security Solution 6.0 application.

Comments
* Local backups are deleted when the Client Security Solution 6.0 application is removed.
* Uninstalling the Client Security Solution 6.0 application will result in not having Password Manager or PrivateDisk.
* The Rescue and Recovery 3.0 backups protected with the Client Security Solution 6.0 application are no longer accessible. Create a new backup as soon as possible.

EDIT: Client Security Solution has nothing to do with having a software firewall such as ZoneAlarm or Kerio. Normally you should have a software firewall installed whether you use CSS or not.

GomJabbar wrote:From the ThinkVantage Rescue and Recovery User's Guide:

Software installed is...
Rescue and Recovery 3.0 and Client Security Solution 6.0

And you want...
Rescue and Recovery 3.0

Follow this process
1. Select Modify from Add/Remove programs.
2. Remove the Client Security Solution 6.0 application.

Comments
* Local backups are deleted when the Client Security Solution 6.0 application is removed.
* Uninstalling the Client Security Solution 6.0 application will result in not having Password Manager or PrivateDisk.
* The Rescue and Recovery 3.0 backups protected with the Client Security Solution 6.0 application are no longer accessible. Create a new backup as soon as possible.

EDIT: Client Security Solution has nothing to do with having a software firewall such as ZoneAlarm or Kerio. Normally you should have a software firewall installed whether you use CSS or not.

OK, so I can keep CSS and install Zonealarm alongside it? I was under the impression that CSS was at least in part a software firewall. I ask this stuff because I saw several posts by people who removed CSS. I'm thoroughly unfamiliar with it but am pretty familiar with Zonealarm, so I thought I should switch.

I want file sharing across my LAN, is my immediate desire. I'd also like reasonable protection against intrusion and spyware.

BTW, the original reason I started this thread (very slow boot times due to a message staying on screen for 1.5 minutes to the effect that the security chip status was being checked) has largely disappeared. The reason it's disappeared is unknown to me. However, that message now stays up 10-15 seconds at most, I think, although I haven't timed it.