Bios Password Asus G1s

Is it possible to password protect the BIOS with an Asus G1S?

If so, I'm thinking about doing it, but I frankly don't see the point in password protecting the BIOS given that I've heard that anyone with the desire can reset the BIOS password.

 

I'm sure you can, but there's no point, as you mentioned.

 

As far as I know, BIOS passwords can easily the most secure way of password protecting your computer.

This is because if you set it up properly, you cannot boot from any device, be it the hard drive, cd drive, usb device, network, etc. without inputting a password. You cannot use any programs to crack the password. The only way to crack the password is to brute force it by hand, which could take years.

While cracking them can be nearly impossible, resetting them is far more feasible. I only know of two ways to reset a BIOS password. One is with a manufacturer's default password. BIOS' are often designed to accept both your password and one determined by the manufacturer. If you can figure out the manufacturer's password, you can reset the user defined password. But this is not as easy on some laptops as it is on others.

The only other way I know how to reset a BIOS password is to clear the CMOS, by physically opening up the laptop.

While there are ways to remove a BIOS password, it is generally good way to keep people from booting up your laptop. Most people do not know how to get around this.

Keep in mind, however, that if someone wants your data, it is generally even easier to remove the laptop hard drive than to reset the BIOS password.

By your logic, password protecting and encrypting your data is pointless because there are people who can crack your information.

 

Because of the BIOS password is tied to the CMOS, it renders it completely useless. If you want to protect your data, encrypt it. Passwords are only good if you keep your laptop out a lot and don't want others using it on a whim.

 

Encrypted data can be unencrypted. If it couldn't, then it would be of no use to the owner. Anyone who knows enough to take apart a laptop and clear the CMOS would most likely be able to crack the encryption key for your data.

 

A 128 bit encryption takes a crapload of time to break and requires good knowledge and good tools. A BIOS password takes me, with a screwdriver.

Anything can be compromised, it's just a matter of how long and how much effort has to be put into it.

 

Is it practical and feasible to encrypt the whole hard drive and automatically encrypt all saved files?

Or would that slow everything down too much?

 

Only encrypt truly sensitive files.

 

In general wrt encryption and protection schemes, I suggest only use them if you really need them (e.g., if you have data from work that you are required by law to protect).

Otherwise, they will give more headaches than really be useful.

 

I'm not saying don't encrypt your data, or that a BIOS password is all you need. Data encryption is also important. But by your logic, that if someone who really wants to can break your security system, you shouldn't bother with it, encryption is pointless. I do not think so, but then again I do not think BIOS passwords are pointless.

What if some moron takes your laptop? Your data is encrypted, but the guy can still boot up your laptop. He can wipe your data if he wants to, and he can use the laptop all he wants. A BIOS password will not protect you from everyone, but it is useful in certain situations. If you're in a school, and you don't leave your laptop under lock and key at all times, it will be prone to pranks from other students. BIOS password is more than enough for situations like these, unless other students intend on stealing your laptop and pulling it apart later.

I don't see any reason not to use a BIOS password, as long as you know that you still need to encrypt sensitive data and protect your computer by other means.

 

Reason with the BIOS password is that I've seen too many stupid people employ that technique and forget what it is. I'm tired of going in and resetting it for them, so I generally advise against it.

I even use the Windows password, just so that random people don't hop onto my computer, and so that my computer doesn't finish boot-up without my intervention.

If you want data protection, encrypt it. If you want to stop people from using your computer, use a password. Just don't come to me when you forget what it is. Please.