One overall security solution

[dmichael]

I have had a new T42 for a little over a month now, and so far, I have not set any security passwords at all and I love it that way, since booting and waking it up is literally "no-hassle".

This machine rarely leaves my home and when it does its never far from my own 2 hands. I live in a low crime rate area, but if by some minute chance it were stolen, in its current unsecured state, I'd be in a heep of trouble.

If you had to choose just one password to set up, which would you choose. Whats the single most secure, most non-hackable password to set up?

P.S. I'd make that one password a fingerprint read.

[christopher_wolf]

A BIOS level password for sure; that is one of the strongest. It may be possible to do either a power-on password or a supervisor password and manage it via the Fingerprint Reader.

[tom101]

You might want to take a look at Pointsec

http://www.pointsec.com/products/pc/

I believe it's very secure. It encrypts your hard disk using an algorithm called Blowfish

http://en.wikipedia.org/wiki/Blowfish_%28cipher%29

once it's installed there's a password at boot up and then it's business as usual. There is obviously a slight CPU overhead but it's never caused me any concern.

[pae77]

For minimal hassle to gain some security, I would set the supervisor password, the bios lock password, the hard disc password and the power on password all to the same password. That way, when you boot up, or come out of hibernation, you will only have to enter one password, once, which really is not much trouble. Doing this will probably buy you at least several hours, and possibly longer to deal with the theft of your laptop data before anyone would be likely to be able to gain access, which would give you some time to do things like changing on-line passwords for access to financial accounts and canceling credit card accounts, etc.

Personally, I'm kind of leery of the IBM Security Chip, so I don't use that. I just fear it or the software for it will malfunction and cause problems or inconvenience, but I could be wrong about this.

Another good idea is if you are storing your passwords for on-line access on your laptop, either do so in a password encrypted file, like Firefox does if you use a master password in FF, or put the passwords in a "code" that will jog your memory but be useless to a thief. For example, if your password was foot9ball, you could just record it somewhere as f9. Not totally secure, but would probably buy you enough time to change all your passwords in the event of theft.

Actually, in addition to the above, it's a good idea to store all sensitive data in a password encrypted file "container" using an encryption program like TrueCrypt (freeware), but that involves more hassle (but not that much) than you sound like you are willing to put up with.

[kskim91]

I would second truecrypt for low hassle, just enough secure data protection. You can put all your data that you want secure in truecrypt volume, you can even name the file anything you want to further hide it. Mount if up and access your secure data and close when you are finished. This works well if only occasionally access your secure data.

[davidspalding]

Your security concerns seem low, so I'd suggest Power-on password, and use the FPR to swipe instead of type. Windows passwords are nice if only to deter snoopy housemates. IBM's Client Security software will let that power-on password/FPR swipe log you into Windows, too. I love that feature.

You mention "a heap of trouble" if you lost your data ... any reason why? Harboring nuclear secrets or the secret to perfect lemon pudding? If it's just that you'd be lost without your data, I strongly recommend you get a good USB drive and do regular backups of your data, if not your whole system. (IBM software can do this, but Windows XP does good, basic backups too. ) 1 minute after a HDD crash or laptop freefall drop is 2 minutes too late.

FWIW IMHO encrypting your hard drive is, in your case, overkill.