setting the HDP and SVP

Message

is · #1 Post by is » Tue Apr 22, 2008 8:16 am

Hello.

I am seriously considering setting the hard-disk and supervisor passwords on my T43s (two of them). My goal is avoiding anyone unauthorized to change the passwords without my knowledge (e.g., in case one of these computers is stolen). I know there are recovery procedures in case a password is lost (easy and publicly documented in the HMM for the POP, possible but dangerous --I certainly do not want to play with the hardware to read the contents of an EEPROM (and will not comment anything about it either in this forum or by private email, I know and accept the rules and there is a good reason for this one)-- for the User HDP and SVP).

I think that the supervisor password will do a nice job allowing us to remove the power-on password without tweaking with the battery pack and backup battery, it is certainly what I am looking for -- however, in the HMM I read that there are two modes for the hard-disk password:

1. User HDP
2. Master HDP + User HDP

Is it possible setting up the Master HDP *without* setting the User HDP?

In short, I would like to be able to change the User HDP and POP in case someone sets one of these; but setting a User HDP seems a bit overkill for me. I do not want passwords to boot the operating system, just to recover the system in case someone sets the POP or User HDP. The operating system currently does a nice job protecting my data.

#2 Post by **jdhurst** » Tue Apr 22, 2008 10:33 am

I am not an expert in this, but in my experience, a system will not start (even boot into a recovery CD) without giving the hard drive password. That is, if the hard drive password is set (mine is), then you need it to start the system in any way. That is how my ThinkPad works - if others see it differently from me, or if I have overlooked something, please post.

So if my laptop gets stolen, the hard drive is useless, and the thieves can (as you note) reset the power-on password, but they cannot even format the disk. So it seems my data is safe.

Have I got this right? I have tried to format and otherwise access protected hard drives and I cannot.
... JDH

is · #3 Post by is » Tue Apr 22, 2008 11:52 am

jdhurst wrote:So if my laptop gets stolen, the hard drive is useless, and the thieves can (as you note) reset the power-on password, but they cannot even format the disk. So it seems my data is safe.

Have I got this right? I have tried to format and otherwise access protected hard drives and I cannot.

Sure, you are right. When the "User HDP" is set no one is able to read from (or write to) the hard-disk without knowing this password.

But it is *not* my goal, I just want to set two passwords: the supervisor password (SVP) and the master hard-disk password (Master HDP). This way removing the POP (using the SVP) and the "User HDP" (using the "Master HDP") will be possible in case someone sets these passwords to unknown strings.

The problem is that, after reading the HMM, I understand that setting the "Master HDP" requires setting a "User HDP" (something I would prefer avoiding right now). It would be nice if I can set a "Master HDP" on the HDD board and store it in a safe place to remove the "User HDP" in case someone sets it. The POP is not really a problem (removing it is documented in the HMM), but using the SVP to remove the POP will make things easier (as you can see I love playing with software, I can easily recover from a mistake, but tweaking with hardware is another issue).

If I cannot set the "Master HDP" anyone with physical access to my laptops can set a "User HDP" that will be very difficult to remove. In fact, removing the "User HDP" without a working Master HDP will be challenging. However, with a working Master HDP it will be a trivial task. I want to set a SVP for the same reason (to remove an unknown POP).

On the other hand, if the SVP and Master HDP are not set, anyone with physical access to the computer can set these passwords too and recovery from these unknown passwords will be a "hardware nightmare" again.

I was probably not clear on my first post, sorry.

#4 Post by **richk** » Tue Apr 22, 2008 12:02 pm

The master and user passwords work the same way for normal use. On thinkpad security, the default is to set them both the same. The difference relates to how to unlock the drive when only one password is known. This is not done with the drive in the laptop. This gets into a discussion that might be called "trying to defeat security" so I won't go any farther.

#5 Post by **jdhurst** » Tue Apr 22, 2008 12:40 pm

I think what you are looking for is overkill (just my own opinion, please understand).

I set the user password and HD password to be the same. Now if someone tries to access the computer, they cannot, because they don't know the password. If they reset the user password (power on password) by common means, then they cannot access the HD. The power on password does not give access to the HD or its settings. So even if a tampering persons breaks in, they cannot access the hard drive.

If you need to prevent users from resetting the HD password, then set a supervisor password. That stops regular users. If regulars users break in (common methods), then they cannot access or change the HD.
... JDH

#6 Post by **richk** » Tue Apr 22, 2008 4:10 pm

jdhurst : What you are saying isn't true. If both are set, either will allow access to the data. The supervisor password is a backdoor to let a supervisor wipe the disk for reuse.

#7 Post by **rkawakami** » Tue Apr 22, 2008 4:25 pm

In my opinion, the safest way to insure the safety of your disk drive's data is to set a different password for the hard drive than the supervisor (BIOS) password. This is what I do. Yes, you do have to provide the HD password even if you boot from a floppy or CD. As long as the HD is in the system, it will ask for the HD password before proceeding with the boot. The only time I see the SVP is when I actively try to access the BIOS.

BTW, this is with a T23. Not sure if the newer TPs operate the same when it comes to the password systems.

#8 Post by **richk** » Tue Apr 22, 2008 4:30 pm

rkawakami: The part you say works the same on all the later models. The later models that allow hot swapping in the ultrabay will let you mount a password protected drive that way, but you still cannot read the daya without one of the passwords.

#9 Post by **jdhurst** » Tue Apr 22, 2008 9:58 pm

richk wrote:jdhurst : What you are saying isn't true. If both are set, either will allow access to the data. The supervisor password is a backdoor to let a supervisor wipe the disk for reuse.

I understand that (and thought I said that even after I re-read). Oh well, clarity is not my strongest point.

If someone knows the password, then of course they can change the HD password.

My point was, if someone does not know the power-on password, and therefore does not know the HD password, and then resets the power-on password to gain access, the HD password will stop them.

I missed the point about supervisor password. Sorry.
... JDH

setting the HDP and SVP

setting the HDP and SVP

Who is online