Tech Files
Password Protection Using CMOS
Imagine this: you’ve just bought a used computer at auction, and you’re feeling pretty impressed with yourself—after all, you’ve just saved hundreds of dollars by buying a pre-owned model that’s less than a year old. You’re eager to find out how well this little baby runs, so as soon as you get the machine home, you plug it in and boot it up.
You watch as POST runs, and you wait for a BIOS message screen to appear. But instead of seeing the BIOS screen roll peacefully by, you get a message that says, “Enter password.”
Password?? What password? You’re not even in Windows yet, so why is it asking for a password? The answer is that this system has been set up with what’s known as a CMOS password. It’s actually more correct to call it a system setup password, since CMOS is officially a thing of the past, but the original term has stuck with many techs.
While such passwords were originally used only to keep unauthorized persons from entering CMOS setup and changing important system settings, the BIOS in most modern systems offers the option of locking the entire system down with a password. Often, you’ll find that you can set two levels of passwords: Supervisor and User. In these situations, the Supervisor password provides full access to all settings, while the User password typically affords access to only one setting: the User password itself.
As the name indicates, these passwords are created and maintained in the system setup screens that you can access during system bootup. Remember that different BIOS manufacturers use different keys or key combinations to access system setup, such as [DEL] or [F2]. On most systems, the BIOS information screen includes directions on what key or keys to press.
The same screens and settings are used to enable and to clear system setup passwords. To find where these settings are stored on your own system, just look around a bit—the password settings are generally on the top level screen, as shown below (click for full-sized image).
For the setting that determines when the system will require a password,
look one level deeper, among “Advanced Features” or a similar heading.
If you don’t have a password set up, or if you know the current password, you can go to the appropriate screen and type a new password, which will take effect if you save your system setup changes.
Passwords at this level can be an effective deterrent to someone who wants to use, or snoop around on, your computer without your permission. If you decide to set up a CMOS password for yourself, you should be aware that if you forget this password, you’ll be in the same situation as the person you were trying to lock out, and there’s no quick and easy way to get around your own security wall.
If you do forget your password—or if you’re that unfortunate purchaser of a password-protected used computer—you’re going to have to reset the password the hard way: open the case and find the BIOS reset jumper on the motherboard. To find out just what to do with that jumper, you should consult your motherboard manual or the manufacturer’s web site.
Bear in mind that the person you want to keep out of your computer can also reset the BIOS—if they have a little time, adequate know-how, and a screwdriver. If you have a real security concern, you’ll need OS-level security, not just a CMOS password, to keep your data out of enemy hands.