Greetings,

In an attempt to minimize suspected hacking on my box, I configured security
and
password protected the BIOS. I disabled a number of functions such as the
network card, all network functions and password protected all boot devices
and box itself.

In spite of having the passwords simple initially and oh my, written them
down. Yep. My BIOS is now inaccessible. I wrote my initial question a while
back and got the some good feedback.

The recommendations were;

A) Sometimes simply resetting the BIOS by removing the CMOS battery for
about 15 minutes (remove AC power cord first) will do the job.

B) Turn the computer on Without the Battery . This should Kill the password
.. Turn computer off. Reinstall the Battery.

C) If Windows boots:
1.) Open a Cmd Prompt Window
2.) Invoke Debug
-o 70 2e
-o 71 ff
-q
*o denotes letter o for octal address, not numeral Zero
In most cases this will mimic the action of moving the BIOS reset
jumper without having to open the PC case.

Windows still booted so I tried A) B), or removing the CMOS battery. C)
sounded risky. Now the machine no longer boots in Windows mode and I get a
message indicating that the machine has been tampered with at boot time.

.... And to boot, I still get prompted for a password... All the hardware
documentation I have, indicates that in this case the mother board has to be
replaced. Can anybody corroborate that? It is an Lenovo ThinkPad T60P.

I would appreciate any help you can afford me.

Thank you.

Jean-Pierre

"dareys" > wrote in message
...
> Greetings,
>
> In an attempt to minimize suspected hacking on my box, I configured
> security
> and
> password protected the BIOS. I disabled a number of functions such as the
> network card, all network functions and password protected all boot
> devices
> and box itself.
>
> In spite of having the passwords simple initially and oh my, written them
> down. Yep. My BIOS is now inaccessible. I wrote my initial question a
> while
> back and got the some good feedback.
>
> The recommendations were;
>
> A) Sometimes simply resetting the BIOS by removing the CMOS battery for
> about 15 minutes (remove AC power cord first) will do the job.
>
> B) Turn the computer on Without the Battery . This should Kill the
> password
> . Turn computer off. Reinstall the Battery.
>
> C) If Windows boots:
> 1.) Open a Cmd Prompt Window
> 2.) Invoke Debug
> -o 70 2e
> -o 71 ff
> -q
> *o denotes letter o for octal address, not numeral Zero
> In most cases this will mimic the action of moving the BIOS reset
> jumper without having to open the PC case.
>
> Windows still booted so I tried A) B), or removing the CMOS battery. C)
> sounded risky. Now the machine no longer boots in Windows mode and I get a
> message indicating that the machine has been tampered with at boot time.
>
> ... And to boot, I still get prompted for a password... All the hardware
> documentation I have, indicates that in this case the mother board has to
> be
> replaced. Can anybody corroborate that? It is an Lenovo ThinkPad T60P.
>
> I would appreciate any help you can afford me.
>
> Thank you.
>
> Jean-Pierre
>
>
From the Service and Troubleshooting guide, p.18:

http://download.lenovo.com/ibmdl/pub/pc/pccbbs/mobiles_pdf/42t8002_a.pdf
Problem: I forgot my password.

Solution: If you have registered your computer for Password Reset Service,
and you forgot your power-on or hard disk password, you can reset it by
pressing the ThinkVantage button at the password prompt. v If you cannot
reset your power-on password, you must take your computer to a Lenovo
authorized servicer or a marketing representative to have the password
canceled. v If you cannot reset your hard disk password, Lenovo authorized
servicer cannot reset your password or recover data from the hard disk. You
must take your computer to a Lenovo authorized servicer or a marketing
representative to have the hard disk drive replaced. Proof of purchase is
required, and a fee will be charged for parts and service.If you forgot your
supervisor password, Lenovo authorized servicer cannot reset your password.
You must take your computer to a Lenovo authorized servicer or a marketing
representative to have the system board replaced. Proof of purchase is
required, and a fee will be charged for parts and service.

The bad part is that it looks like it's going to cost you to get it fixed.
Glad I didn't buy one; I'd be hosed big time. So option C from above may be
the option to try if you can get back into Windows, although my guess is it
won't work either.

Here's a rather involved possible solution if you want to tackle it:
http://sodoityourself.com/hacking-ibm-thinkpad-bios-password/

Best of luck,

SC Tom

SC Tom wrote:
>
> "dareys" > wrote in message
> ...
>> Greetings,
>>
>> In an attempt to minimize suspected hacking on my box, I configured
>> security
>> and
>> password protected the BIOS. I disabled a number of functions such as the
>> network card, all network functions and password protected all boot
>> devices
>> and box itself.
>>
>> In spite of having the passwords simple initially and oh my, written them
>> down. Yep. My BIOS is now inaccessible. I wrote my initial question a
>> while
>> back and got the some good feedback.
>>
>> The recommendations were;
>>
>> A) Sometimes simply resetting the BIOS by removing the CMOS battery for
>> about 15 minutes (remove AC power cord first) will do the job.
>>
>> B) Turn the computer on Without the Battery . This should Kill the
>> password
>> . Turn computer off. Reinstall the Battery.
>>
>> C) If Windows boots:
>> 1.) Open a Cmd Prompt Window
>> 2.) Invoke Debug
>> -o 70 2e
>> -o 71 ff
>> -q
>> *o denotes letter o for octal address, not numeral Zero
>> In most cases this will mimic the action of moving the BIOS reset
>> jumper without having to open the PC case.
>>
>> Windows still booted so I tried A) B), or removing the CMOS battery. C)
>> sounded risky. Now the machine no longer boots in Windows mode and I
>> get a
>> message indicating that the machine has been tampered with at boot time.
>>
>> ... And to boot, I still get prompted for a password... All the hardware
>> documentation I have, indicates that in this case the mother board has
>> to be
>> replaced. Can anybody corroborate that? It is an Lenovo ThinkPad T60P.
>>
>> I would appreciate any help you can afford me.
>>
>> Thank you.
>>
>> Jean-Pierre
>>
>>
> From the Service and Troubleshooting guide, p.18:
>
> http://download.lenovo.com/ibmdl/pub/pc/pccbbs/mobiles_pdf/42t8002_a.pdf
> Problem: I forgot my password.
>
> Solution: If you have registered your computer for Password Reset
> Service, and you forgot your power-on or hard disk password, you can
> reset it by pressing the ThinkVantage button at the password prompt. v
> If you cannot reset your power-on password, you must take your computer
> to a Lenovo authorized servicer or a marketing representative to have
> the password canceled. v If you cannot reset your hard disk password,
> Lenovo authorized servicer cannot reset your password or recover data
> from the hard disk. You must take your computer to a Lenovo authorized
> servicer or a marketing representative to have the hard disk drive
> replaced. Proof of purchase is required, and a fee will be charged for
> parts and service.If you forgot your supervisor password, Lenovo
> authorized servicer cannot reset your password. You must take your
> computer to a Lenovo authorized servicer or a marketing representative
> to have the system board replaced. Proof of purchase is required, and a
> fee will be charged for parts and service.
>
> The bad part is that it looks like it's going to cost you to get it
> fixed. Glad I didn't buy one; I'd be hosed big time. So option C from
> above may be the option to try if you can get back into Windows,
> although my guess is it won't work either.
>
> Here's a rather involved possible solution if you want to tackle it:
> http://sodoityourself.com/hacking-ibm-thinkpad-bios-password/
>
> Best of luck,
>
> SC Tom
>

That last link is very interesting. If the OP is technically inclined,
he should read all of the material and follow the links. Among other
things, the method described at the linked page apparently doesn't work
for the T60 (different chip?), but there are tools available for that
model. Also, somewhere along the way there is a discussion of devices
that clip onto the chip so that you don't have to solder directly to the
chip leads.

--
Lem -- MS-MVP

Apollo 11 - 40 years ago:
http://www.nasa.gov/mission_pages/apollo/40th/index.html

"Lem" <lemp40@unknownhost> wrote in message
...
> SC Tom wrote:
>>
>> "dareys" > wrote in message
>> ...
>>> Greetings,
>>>
>>> In an attempt to minimize suspected hacking on my box, I configured
>>> security
>>> and
>>> password protected the BIOS. I disabled a number of functions such as
>>> the
>>> network card, all network functions and password protected all boot
>>> devices
>>> and box itself.
>>>
>>> In spite of having the passwords simple initially and oh my, written
>>> them
>>> down. Yep. My BIOS is now inaccessible. I wrote my initial question a
>>> while
>>> back and got the some good feedback.
>>>
>>> The recommendations were;
>>>
>>> A) Sometimes simply resetting the BIOS by removing the CMOS battery for
>>> about 15 minutes (remove AC power cord first) will do the job.
>>>
>>> B) Turn the computer on Without the Battery . This should Kill the
>>> password
>>> . Turn computer off. Reinstall the Battery.
>>>
>>> C) If Windows boots:
>>> 1.) Open a Cmd Prompt Window
>>> 2.) Invoke Debug
>>> -o 70 2e
>>> -o 71 ff
>>> -q
>>> *o denotes letter o for octal address, not numeral Zero
>>> In most cases this will mimic the action of moving the BIOS reset
>>> jumper without having to open the PC case.
>>>
>>> Windows still booted so I tried A) B), or removing the CMOS battery. C)
>>> sounded risky. Now the machine no longer boots in Windows mode and I get
>>> a
>>> message indicating that the machine has been tampered with at boot time.
>>>
>>> ... And to boot, I still get prompted for a password... All the hardware
>>> documentation I have, indicates that in this case the mother board has
>>> to be
>>> replaced. Can anybody corroborate that? It is an Lenovo ThinkPad T60P.
>>>
>>> I would appreciate any help you can afford me.
>>>
>>> Thank you.
>>>
>>> Jean-Pierre
>>>
>>>
>> From the Service and Troubleshooting guide, p.18:
>>
>> http://download.lenovo.com/ibmdl/pub/pc/pccbbs/mobiles_pdf/42t8002_a.pdf
>> Problem: I forgot my password.
>>
>> Solution: If you have registered your computer for Password Reset
>> Service, and you forgot your power-on or hard disk password, you can
>> reset it by pressing the ThinkVantage button at the password prompt. v If
>> you cannot reset your power-on password, you must take your computer to a
>> Lenovo authorized servicer or a marketing representative to have the
>> password canceled. v If you cannot reset your hard disk password, Lenovo
>> authorized servicer cannot reset your password or recover data from the
>> hard disk. You must take your computer to a Lenovo authorized servicer or
>> a marketing representative to have the hard disk drive replaced. Proof of
>> purchase is required, and a fee will be charged for parts and service.If
>> you forgot your supervisor password, Lenovo authorized servicer cannot
>> reset your password. You must take your computer to a Lenovo authorized
>> servicer or a marketing representative to have the system board replaced.
>> Proof of purchase is required, and a fee will be charged for parts and
>> service.
>>
>> The bad part is that it looks like it's going to cost you to get it
>> fixed. Glad I didn't buy one; I'd be hosed big time. So option C from
>> above may be the option to try if you can get back into Windows, although
>> my guess is it won't work either.
>>
>> Here's a rather involved possible solution if you want to tackle it:
>> http://sodoityourself.com/hacking-ibm-thinkpad-bios-password/
>>
>> Best of luck,
>>
>> SC Tom
>>
>
> That last link is very interesting. If the OP is technically inclined, he
> should read all of the material and follow the links. Among other things,
> the method described at the linked page apparently doesn't work for the
> T60 (different chip?), but there are tools available for that model. Also,
> somewhere along the way there is a discussion of devices that clip onto
> the chip so that you don't have to solder directly to the chip leads.
>
> --
> Lem -- MS-MVP
>
> Apollo 11 - 40 years ago:
> http://www.nasa.gov/mission_pages/apollo/40th/index.html

The method doesn't list the T60 on that link, but another link inside it
does:

http://www.allservice.ro/forum/viewtopic.php?p=1061

The link was provided as an alternative method to replacing the MB, and the
procedure involved to perform it. It looks like for the T60 additional tools
need to be purchased instead of just the $5 worth of diodes and resistors.
For the price of a new notebook or MB, I guess $110 worth of tools would be
worth it. Maybe when I was done, I could sell them to a local shop. I
figured, Hey, what the heck, the notebook is pretty useless right now.

SC Tom

"dareys" > wrote in message
...
> Greetings,
>
> In an attempt to minimize suspected hacking on my box, I configured
> security
> and
> password protected the BIOS. I disabled a number of functions such as the
> network card, all network functions and password protected all boot
> devices
> and box itself.
>
> In spite of having the passwords simple initially and oh my, written them
> down. Yep. My BIOS is now inaccessible. I wrote my initial question a
> while
> back and got the some good feedback.
>
> The recommendations were;
>
> A) Sometimes simply resetting the BIOS by removing the CMOS battery for
> about 15 minutes (remove AC power cord first) will do the job.
>
> B) Turn the computer on Without the Battery . This should Kill the
> password
> . Turn computer off. Reinstall the Battery.
>
> C) If Windows boots:
> 1.) Open a Cmd Prompt Window
> 2.) Invoke Debug
> -o 70 2e
> -o 71 ff
> -q
> *o denotes letter o for octal address, not numeral Zero
> In most cases this will mimic the action of moving the BIOS reset
> jumper without having to open the PC case.
>
> Windows still booted so I tried A) B), or removing the CMOS battery. C)
> sounded risky. Now the machine no longer boots in Windows mode and I get a
> message indicating that the machine has been tampered with at boot time.
>
> ... And to boot, I still get prompted for a password... All the hardware
> documentation I have, indicates that in this case the mother board has to
> be
> replaced. Can anybody corroborate that? It is an Lenovo ThinkPad T60P.
>
> I would appreciate any help you can afford me.
>
> Thank you.
>
> Jean-Pierre

After you have resolved the password issue, I suggest you review your
security policy. Setting a BIOS password is useful in cases where an
intruder can get *physical* access to your machine. Hackers get only access
through the Internet, hence protecting your BIOS with a password is
superfluous and can cause you a lot of trouble.

"dareys" > wrote in message

> Greetings,
>
> In an attempt to minimize suspected hacking on my box, I configured
> security and
> password protected the BIOS. I disabled a number of functions such as
> the network card, all network functions and password protected all
> boot devices and box itself.
>
> In spite of having the passwords simple initially and oh my, written
> them down. Yep. My BIOS is now inaccessible. I wrote my initial
> question a while back and got the some good feedback.
>
> The recommendations were;
>
> A) Sometimes simply resetting the BIOS by removing the CMOS battery
> for about 15 minutes (remove AC power cord first) will do the job.
>
> B) Turn the computer on Without the Battery . This should Kill the
> password . Turn computer off. Reinstall the Battery.
>
> C) If Windows boots:
> 1.) Open a Cmd Prompt Window
> 2.) Invoke Debug
> -o 70 2e
> -o 71 ff
> -q
> *o denotes letter o for octal address, not numeral Zero
> In most cases this will mimic the action of moving the BIOS reset
> jumper without having to open the PC case.
>
> Windows still booted so I tried A) B), or removing the CMOS battery.
> C) sounded risky. Now the machine no longer boots in Windows mode and
> I get a message indicating that the machine has been tampered with at
> boot time.
>
> ... And to boot, I still get prompted for a password... All the
> hardware documentation I have, indicates that in this case the mother
> board has to be replaced. Can anybody corroborate that? It is an
> Lenovo ThinkPad T60P.
>
> I would appreciate any help you can afford me.
>
> Thank you.
>
> Jean-Pierre

You said 'C sounded risky': Does that mean windows booted? C was for if
it booted. If that's the case, it's not a CMOS password problem.

It sounds like you might have a multi-level password setup to protect
you from tampering. I'd go to the mfr's site and carefully recheck the
data there.

It doesn't make sense to me that removing the battery or using the
"reset" jumper on the mobo wouldn't kill the password. Perhaps you need
to leave the machine powered OFF for a longer period of time, say a few
hours. CMOS is very high impedance stuff and can take a long time to
leak off a charge.

BTW: You have to UNPLUG the computer from the wall while you remove the
battery sometimes. Otherwise the trickle charge for the battery can be
capable of maintaining the CMOS memory, including the password.
Just hitting the power switch on the computer isn't good enough; it
doesn't really turn everything off - several things can remain running,
depending on the machine. And give it a few hours that way, just to
make sure, then try to power it up.

I wouldn't think a power glitch would kill the mobo. Mess up the CMOS
settings yes, but damage the mobo, no.

HTH,

Twayne`

"Twayne" > wrote in message
...
> "dareys" > wrote in message
>
>> Greetings,
>>
>> In an attempt to minimize suspected hacking on my box, I configured
>> security and
>> password protected the BIOS. I disabled a number of functions such as
>> the network card, all network functions and password protected all
>> boot devices and box itself.
>>
>> In spite of having the passwords simple initially and oh my, written
>> them down. Yep. My BIOS is now inaccessible. I wrote my initial
>> question a while back and got the some good feedback.
>>
>> The recommendations were;
>>
>> A) Sometimes simply resetting the BIOS by removing the CMOS battery
>> for about 15 minutes (remove AC power cord first) will do the job.
>>
>> B) Turn the computer on Without the Battery . This should Kill the
>> password . Turn computer off. Reinstall the Battery.
>>
>> C) If Windows boots:
>> 1.) Open a Cmd Prompt Window
>> 2.) Invoke Debug
>> -o 70 2e
>> -o 71 ff
>> -q
>> *o denotes letter o for octal address, not numeral Zero
>> In most cases this will mimic the action of moving the BIOS reset
>> jumper without having to open the PC case.
>>
>> Windows still booted so I tried A) B), or removing the CMOS battery.
>> C) sounded risky. Now the machine no longer boots in Windows mode and
>> I get a message indicating that the machine has been tampered with at
>> boot time.
>>
>> ... And to boot, I still get prompted for a password... All the
>> hardware documentation I have, indicates that in this case the mother
>> board has to be replaced. Can anybody corroborate that? It is an
>> Lenovo ThinkPad T60P.
>>
>> I would appreciate any help you can afford me.
>>
>> Thank you.
>>
>> Jean-Pierre
>
> You said 'C sounded risky': Does that mean windows booted? C was for if
> it booted. If that's the case, it's not a CMOS password problem.
>
> It sounds like you might have a multi-level password setup to protect you
> from tampering. I'd go to the mfr's site and carefully recheck the data
> there.
>
> It doesn't make sense to me that removing the battery or using the
> "reset" jumper on the mobo wouldn't kill the password. Perhaps you need
> to leave the machine powered OFF for a longer period of time, say a few
> hours. CMOS is very high impedance stuff and can take a long time to leak
> off a charge.
>
> BTW: You have to UNPLUG the computer from the wall while you remove the
> battery sometimes. Otherwise the trickle charge for the battery can be
> capable of maintaining the CMOS memory, including the password.
> Just hitting the power switch on the computer isn't good enough; it
> doesn't really turn everything off - several things can remain running,
> depending on the machine. And give it a few hours that way, just to make
> sure, then try to power it up.
>
> I wouldn't think a power glitch would kill the mobo. Mess up the CMOS
> settings yes, but damage the mobo, no.
>
> HTH,
>
> Twayne`
>

It's the supervisor password that Jean-Pierre forgot. According to the
Lenovo service manual, "If you forgot your supervisor password, Lenovo
authorized servicer cannot reset your password. You must take your computer
to a Lenovo authorized servicer or a marketing representative to have the
system board replaced." It's not in CMOS, it's in an EEPROM on the MB.
Seems kind of severe for simply forgetting a password.

SC Tom

Gentlemen,

Thank you all for your feedback, which I will address in this single message.

Yes, the machine eventually booted in Windows mode, but although I did
program in assembly language for the 8088 chip, way back in the early
eighties, and did use the debug program, well, I just did not think the risk
was warranted at the time, as I thought I still knew the password. Frankly,
since the computer is really useless now, I regret that decision. The worse
thing that could have happened would have been a re-install of the OS,
Utilities and Work software, and I have all of that...

I am aware of the fact that hackers mostly get access via the internet and
have configured virus checking and firewall software to protect myself from
that, coupled with responsible use of the machine. However, my lifestyle
recently has involved living in hotels, rented rooms and houses where I
cannot control who accesses the access the site, hence putting my system at
risk and warranting the BIOS password protection. It solved many problems
with another machine. Unfortunately, in this case, I shot myself in the foot
because apparentely I forgot the pwd.

And yes, the pwd I forgot is the supervisor password. I did read the
documentation I was able to get my hands on and yes, according to that, the
only way to recover is to replace the mother board. Frankly, I agree. Really
a tough penalty for forgetting a password. I still wrote my follow up
question because I just did not believe that kind of design desicion. Really
radical.

Anyway, I will make a last ditch effort to remember the pwd, and if that
does not work, take the machine to a Lenovo representative.

Many thanks to all for your help.

Jean-Pierre



"dareys" wrote:

> Greetings,
>
> In an attempt to minimize suspected hacking on my box, I configured security
> and
> password protected the BIOS. I disabled a number of functions such as the
> network card, all network functions and password protected all boot devices
> and box itself.
>
> In spite of having the passwords simple initially and oh my, written them
> down. Yep. My BIOS is now inaccessible. I wrote my initial question a while
> back and got the some good feedback.
>
> The recommendations were;
>
> A) Sometimes simply resetting the BIOS by removing the CMOS battery for
> about 15 minutes (remove AC power cord first) will do the job.
>
> B) Turn the computer on Without the Battery . This should Kill the password
> . Turn computer off. Reinstall the Battery.
>
> C) If Windows boots:
> 1.) Open a Cmd Prompt Window
> 2.) Invoke Debug
> -o 70 2e
> -o 71 ff
> -q
> *o denotes letter o for octal address, not numeral Zero
> In most cases this will mimic the action of moving the BIOS reset
> jumper without having to open the PC case.
>
> Windows still booted so I tried A) B), or removing the CMOS battery. C)
> sounded risky. Now the machine no longer boots in Windows mode and I get a
> message indicating that the machine has been tampered with at boot time.
>
> ... And to boot, I still get prompted for a password... All the hardware
> documentation I have, indicates that in this case the mother board has to be
> replaced. Can anybody corroborate that? It is an Lenovo ThinkPad T60P.
>
> I would appreciate any help you can afford me.
>
> Thank you.
>
> Jean-Pierre
>
>

dareys wrote:
<snip>

> And yes, the pwd I forgot is the supervisor password. I did read the
> documentation I was able to get my hands on and yes, according to that, the
> only way to recover is to replace the mother board. Frankly, I agree. Really
> a tough penalty for forgetting a password. I still wrote my follow up
> question because I just did not believe that kind of design desicion. Really
> radical.
>
<snip>

One man's tough penalty is another man's quality security.

I don't consider it radical. If there was an easy back door to bypassing
the laptop's supervisor password, that password wouldn't do you much
good if unscrupulous people have physical access to your laptop.

This is similar to the situation with the Windows Encrypting File
System: if you forget your password (and haven't taken the suggested
backup steps), nobody -- not even you -- can access the encrypted data.

Actually, the link provided by SC Tom does suggest a way, short of
replacing the motherboard, of resetting the eeprom where the supervisor
password is stored. It isn't easy and risks destroying your
motherboard, so you need to weigh that against whatever Lenovo charges
to replace your mobo. And before you actually pay for a replacement
mobo, get assurances from Lenovo that afterwards you will have access to
your hard drive, including your data, and not just to a new hard drive
with a fresh copy of the OS.
--
Lem -- MS-MVP

Apollo 11 - 40 years ago:
http://www.nasa.gov/mission_pages/apollo/40th/index.html

"Lem" <lemp40@unknownhost> wrote in message
...
> dareys wrote:
> <snip>
>
>> And yes, the pwd I forgot is the supervisor password. I did read the
>> documentation I was able to get my hands on and yes, according to that,
>> the only way to recover is to replace the mother board. Frankly, I agree.
>> Really a tough penalty for forgetting a password. I still wrote my follow
>> up question because I just did not believe that kind of design desicion.
>> Really radical.
>>
> <snip>
>
> One man's tough penalty is another man's quality security.
>
> I don't consider it radical. If there was an easy back door to bypassing
> the laptop's supervisor password, that password wouldn't do you much good
> if unscrupulous people have physical access to your laptop.
>
> This is similar to the situation with the Windows Encrypting File System:
> if you forget your password (and haven't taken the suggested backup
> steps), nobody -- not even you -- can access the encrypted data.
>
> Actually, the link provided by SC Tom does suggest a way, short of
> replacing the motherboard, of resetting the eeprom where the supervisor
> password is stored. It isn't easy and risks destroying your motherboard,
> so you need to weigh that against whatever Lenovo charges to replace your
> mobo. And before you actually pay for a replacement mobo, get assurances
> from Lenovo that afterwards you will have access to your hard drive,
> including your data, and not just to a new hard drive with a fresh copy of
> the OS.
> --
> Lem -- MS-MVP

I'd like to offer a different opinion. Setting a BIOS password will prevent
an unauthorised person from launching Windows but it will not prevent anyone
with technical knowledge to access confidential data. He/she only needs to
remove the hard disk and read it on some other PC. To make disk data really
secure you need to encrypt it in some way.

The question then arises: If a BIOS password by itself offers so little
protection, why make it such an inconvenience to the owner of resetting it?
I would suggest that the benefit of a BIOS password is marginal but the
penalty of losing it is huge.

Pegasus [MVP] wrote:
> "Lem" <lemp40@unknownhost> wrote in message
> ...
>> dareys wrote:
>> <snip>
>>
>>> And yes, the pwd I forgot is the supervisor password. I did read the
>>> documentation I was able to get my hands on and yes, according to that,
>>> the only way to recover is to replace the mother board. Frankly, I agree.
>>> Really a tough penalty for forgetting a password. I still wrote my follow
>>> up question because I just did not believe that kind of design desicion.
>>> Really radical.
>>>
>> <snip>
>>
>> One man's tough penalty is another man's quality security.
>>
>> I don't consider it radical. If there was an easy back door to bypassing
>> the laptop's supervisor password, that password wouldn't do you much good
>> if unscrupulous people have physical access to your laptop.
>>
>> This is similar to the situation with the Windows Encrypting File System:
>> if you forget your password (and haven't taken the suggested backup
>> steps), nobody -- not even you -- can access the encrypted data.
>>
>> Actually, the link provided by SC Tom does suggest a way, short of
>> replacing the motherboard, of resetting the eeprom where the supervisor
>> password is stored. It isn't easy and risks destroying your motherboard,
>> so you need to weigh that against whatever Lenovo charges to replace your
>> mobo. And before you actually pay for a replacement mobo, get assurances
>> from Lenovo that afterwards you will have access to your hard drive,
>> including your data, and not just to a new hard drive with a fresh copy of
>> the OS.
>> --
>> Lem -- MS-MVP
>
> I'd like to offer a different opinion. Setting a BIOS password will prevent
> an unauthorised person from launching Windows but it will not prevent anyone
> with technical knowledge to access confidential data. He/she only needs to
> remove the hard disk and read it on some other PC. To make disk data really
> secure you need to encrypt it in some way.
>
> The question then arises: If a BIOS password by itself offers so little
> protection, why make it such an inconvenience to the owner of resetting it?
> I would suggest that the benefit of a BIOS password is marginal but the
> penalty of losing it is huge.
>
>

I agree. I wrote too fast. It all depends on the meaning of "BIOS password."

Thinkpads have 3 BIOS passwords: power-on, hard disk, and supervisor,
and I was thinking of the Thinkpad *hard disk* password, which it
appears that the OP was fortunate enough NOT to have used.

I don't know how the 3 BIOS passwords interact, and I assumed that if
the supervisor p/w was set, that implied that both of the other 2 were
active as well. But plainly, the power-on p/w was NOT set, because the
OP was able to boot into Windows (which probably also means that the
hard disk p/w was not set). The OP's problem is that he can't access
the BIOS to re-enable some of the other BIOS functions he disabled.

If the supervisor p/w is on AND the hard disk p/w is on, then if you
forget both, you won't be able to reset the hard disk p/w. And
according to the warning quoted by SC Tom in his first post, if you
can't reset your *hard disk* password, data can't be recovered and your
disk will have to be replaced. To me, that implies some sort of disk
encryption.

--
Lem -- MS-MVP

Apollo 11 - 40 years ago:
http://www.nasa.gov/mission_pages/apollo/40th/index.html

"Lem" <lemp40@unknownhost> wrote in message
...
<snip>
>
> I agree. I wrote too fast. It all depends on the meaning of "BIOS
> password."
>
> Thinkpads have 3 BIOS passwords: power-on, hard disk, and supervisor, and
> I was thinking of the Thinkpad *hard disk* password, which it appears that
> the OP was fortunate enough NOT to have used.
>
> I don't know how the 3 BIOS passwords interact, and I assumed that if the
> supervisor p/w was set, that implied that both of the other 2 were active
> as well. But plainly, the power-on p/w was NOT set, because the OP was
> able to boot into Windows (which probably also means that the hard disk
> p/w was not set). The OP's problem is that he can't access the BIOS to
> re-enable some of the other BIOS functions he disabled.
>
> If the supervisor p/w is on AND the hard disk p/w is on, then if you
> forget both, you won't be able to reset the hard disk p/w. And according
> to the warning quoted by SC Tom in his first post, if you can't reset your
> *hard disk* password, data can't be recovered and your disk will have to
> be replaced. To me, that implies some sort of disk encryption.
>
> --
> Lem -- MS-MVP
>
> Apollo 11 - 40 years ago:
> http://www.nasa.gov/mission_pages/apollo/40th/index.html

Here is what it says in my R40e manual (which may be different from the OP's
T60P model):
a) If you forget your power-on password then you must take the machine to an
IBM authorised service center to have the password cancelled.
b) If you forget your hard disk password then [..] the hard disk will be
replaced.
c) If you forget your supervisor password then [..] to have the system board
replaced.

The OP did not say which of the three passwords he forgot.
The manual does not say anything about the hard disk in option c).
In view of the OP's experience I am not game to see what happens to the disk
in option c).

It appears that we agree: If option c) leaves the disk data intact then this
option is not worth the trouble it might cause.

"Lem" <lemp40@unknownhost> wrote in message

> dareys wrote:
> <snip>
> <snip>
>
> One man's tough penalty is another man's quality security.
>
> I don't consider it radical. If there was an easy back door to
> bypassing the laptop's supervisor password, that password wouldn't do
> you much good if unscrupulous people have physical access to your
> laptop.
> This is similar to the situation with the Windows Encrypting File
> System: if you forget your password (and haven't taken the suggested
> backup steps), nobody -- not even you -- can access the encrypted
> data.
<...>

This has been an interesting thread; and it's hard to believe someone
hasn't yet popped in with some methods to reset BIOS passwords. In the
several PCs I have owned myself and the many more I've done repairs on
for others, I've never come across one where the BIOS password couldn't
be removed, or reset to blank.

My current desktop for instance; you only need to remove a jumper from a
header for more than 90 seconds, then replace it and restart the
computer. The jumper is just an easy way of disconnecting the CMOS
battery and its capacitor, that keep the CMOS RAM charged so you can
replace a battery without losing all your settings: I traced it out.
On my laptop you have to pull the battery out and leave it for a jew
minutes, seems like it was sthree minutes, then plug it back in and go.
All you really need to remember is that "power off" means actually
disconnected by the power cord; not just the computer's power swithch
turned off, because power switches don't turn off the trickle chargers
for the CMOS battery amongst a couple of other things.
From what I've seen and read, any home PC is capable of having its
BIOS password reset.

For those who know the names of their BIOS etc., here are a few links
that tell one the different methods of resetting a BIOS password. The
needed information to do that is also included in the paperwork provided
with almost every computer delivered to any customer. It's no big
secret, just something people don't think of until it's too late, most
of the time.
I also seem to recall someone saying the password was kept in an
EEPROM, which isn't quite accurate, but close enough. It's a CMOS
static RAM chip actually, and operates much as an EEPROM. I suppose
some could actually use an EEPROM, but I'd be surprised to find one;
they're current hogs for the most part and CMOS has troubles interfacing
with them. But it is possible to easily write to them using simple
cktry in a PC - all the needed voltages are certainly present for an
EEPROM.
Someone else somewhere IIRC mentioned a PROM, but I can assure you
the passwords aren't kept in a PROM. PROMs by definition cannot be
reprogrammed, period - you program them once and that's all. And they
are programmed in an external station, not where they'll be used. PROMs
are the cheapest, but the cktry to program them isn't, and you can only
program them once.

Anyway, for anyone interested, here are some links I picked from Google
that I'm familiar with and don't consider them dangerous in any way:

http://www.wikihow.com/Break-a-BIOS-Password

http://labmice.techtarget.com/articles/BIOS_hack.htm

http://www.computerhope.com/issues/ch000235.htm

http://www.technibble.com/how-to-bypass-or-remove-a-bios-password/

http://www.dewassoc.com/support/bios/bios_password.htm

http://www.tech-faq.com/reset-bios-password.shtml

Caveat: CMOS cktry is THE most sensitive of all the components in a
computer to static surges, even the type that aren't strong enough to
create a visible "spark". Use good static practices whenever you work
around the CMOS battery or anywhere inside a computer, for that matter.
BTW: CMOS is not the battery type; it is the technology material for
manufacturing the components used to create the cktry the battery is
there to maintain memory for. It stands for: complementary metal oxide
semiconductor.

HTH,

Twayne`

Twayne wrote:
> "Lem" <lemp40@unknownhost> wrote in message
>
>> dareys wrote:
>> <snip>
>> <snip>
>>
>> One man's tough penalty is another man's quality security.
>>
>> I don't consider it radical. If there was an easy back door to
>> bypassing the laptop's supervisor password, that password wouldn't do
>> you much good if unscrupulous people have physical access to your
>> laptop.
>> This is similar to the situation with the Windows Encrypting File
>> System: if you forget your password (and haven't taken the suggested
>> backup steps), nobody -- not even you -- can access the encrypted
>> data.
> <...>
>
> This has been an interesting thread; and it's hard to believe someone
> hasn't yet popped in with some methods to reset BIOS passwords. In the
> several PCs I have owned myself and the many more I've done repairs on
> for others, I've never come across one where the BIOS password couldn't
> be removed, or reset to blank.
>

But they did. If you look at the entire thread, SC Tom came up
with a possible answer.

http://groups.google.ca/group/microsoft.public.windowsxp.general/browse_frm/thread/c0f79dd0123bc80a/89c3b6bcbbf009f0?tvc=1#89c3b6bcbbf009f0

This was the link, with details to the usage of a serial EEPROM on
the mainboard, to hold the password. This cannot be defeated
by pulling the battery. They wire up an RS-232 interface to
the serial EEPROM, clipping the levels with zener diodes,
to gain access to it and reprogram it. The second link,
is to tools you can purchase, to reprogram or work
with the contents of the chip.

http://sodoityourself.com/hacking-ibm-thinkpad-bios-password/

http://www.allservice.ro/forum/viewtopic.php?p=1061

A normal computer has no need for such a fancy
feature (the 256 bytes of RAM in the Southbridge are
sufficient). Perhaps this EEPROM has something to
do with supporting TPM, or is needed to raise
the security level of the machine sufficiently ?
It might be a requirement for a government buyer
perhaps.

Paul

Gentlemen,

Again, thank you all for the prompt and knowledgeable feedback. Without my
own computer, online time is limited, so I will acknowledge all responses and
provide my own in this single message.

I did set all three BIOS passwords. Power-on, hard disk, and supervisor...
At this point, it looks like if I don´t remember them somehow, the computer
is done for, as is the hard drive because the following remark echos what I
read:

> Here is what it says in my R40e manual (which may be different from the OP's
>T60P model):
>a) If you forget your power-on password then you must take the machine to an
>IBM authorised service center to have the password cancelled.
>b) If you forget your hard disk password then [..] the hard disk will be
>replaced.
>c) If you forget your supervisor password then [..] to have the system board
>replaced.

Frankly, I will probably still take it to a Lenovo representative, but the
bottom line is that I would rather buy a new one than replace the mother
board, and get a more recent model. If you are going to bite the bullet,
might as well do it right.

In any case, as related to the issue that BIOS protection cannot prevent
anyone with physical access to the machine from removing the hard disk,
installing it elsewhere and then gaining access to your data, I fully agree
with the observation:

> If a BIOS password by itself offers so little
> protection, why make it such an inconvenience to the owner of resetting it?
> I would suggest that the benefit of a BIOS password is marginal but the
> penalty of losing it is huge.

Again, thank you all for your help.

Regards,

Jean-Pierre


"dareys" wrote:

> Greetings,
>
> In an attempt to minimize suspected hacking on my box, I configured security
> and
> password protected the BIOS. I disabled a number of functions such as the
> network card, all network functions and password protected all boot devices
> and box itself.
>
> In spite of having the passwords simple initially and oh my, written them
> down. Yep. My BIOS is now inaccessible. I wrote my initial question a while
> back and got the some good feedback.
>
> The recommendations were;
>
> A) Sometimes simply resetting the BIOS by removing the CMOS battery for
> about 15 minutes (remove AC power cord first) will do the job.
>
> B) Turn the computer on Without the Battery . This should Kill the password
> . Turn computer off. Reinstall the Battery.
>
> C) If Windows boots:
> 1.) Open a Cmd Prompt Window
> 2.) Invoke Debug
> -o 70 2e
> -o 71 ff
> -q
> *o denotes letter o for octal address, not numeral Zero
> In most cases this will mimic the action of moving the BIOS reset
> jumper without having to open the PC case.
>
> Windows still booted so I tried A) B), or removing the CMOS battery. C)
> sounded risky. Now the machine no longer boots in Windows mode and I get a
> message indicating that the machine has been tampered with at boot time.
>
> ... And to boot, I still get prompted for a password... All the hardware
> documentation I have, indicates that in this case the mother board has to be
> replaced. Can anybody corroborate that? It is an Lenovo ThinkPad T60P.
>
> I would appreciate any help you can afford me.
>
> Thank you.
>
> Jean-Pierre
>
>

dareys wrote:
>
> In any case, as related to the issue that BIOS protection cannot prevent
> anyone with physical access to the machine from removing the hard disk,
> installing it elsewhere and then gaining access to your data, I fully agree
> with the observation:
>
>> If a BIOS password by itself offers so little
>> protection, why make it such an inconvenience to the owner of resetting it?
>> I would suggest that the benefit of a BIOS password is marginal but the
>> penalty of losing it is huge.

It may be a small deterrence to would be amateur data thieves, but to
laptop (hardware) thieves it's a fairly big deterrence, try and sell a
BIOS locked Thinkpad and see how many takers you get.

John

"dareys" > wrote in message
...
> Gentlemen,
>
> Again, thank you all for the prompt and knowledgeable feedback. Without my
> own computer, online time is limited, so I will acknowledge all responses
> and
> provide my own in this single message.
>
> I did set all three BIOS passwords. Power-on, hard disk, and supervisor...

This information should have been in your very first post. It would have
avoided a lot of guesswork by respondents.

John,

Yes, you got that right. Stealing a BIOS password protected computer is not
good business. Unless you have the password, the time and the knowledge to
work around the issue, it is just a good paper weight! LOL.

Jean-Pierre

"John John - MVP" wrote:

> dareys wrote:
> >
> > In any case, as related to the issue that BIOS protection cannot prevent
> > anyone with physical access to the machine from removing the hard disk,
> > installing it elsewhere and then gaining access to your data, I fully agree
> > with the observation:
> >
> >> If a BIOS password by itself offers so little
> >> protection, why make it such an inconvenience to the owner of resetting it?
> >> I would suggest that the benefit of a BIOS password is marginal but the
> >> penalty of losing it is huge.
>
> It may be a small deterrence to would be amateur data thieves, but to
> laptop (hardware) thieves it's a fairly big deterrence, try and sell a
> BIOS locked Thinkpad and see how many takers you get.
>
> John
>

Pegasus,

Really? It just never ocurred to me that it would have made a difference in
terms of the support I have received, which BTW has been outstanding. I
really love the way computer people help each other out. And the Microsoft
comunity is awsome.

Many thanks.

Jean-Pierre

"Pegasus [MVP]" wrote:

>
> "dareys" > wrote in message
> ...
> > Gentlemen,
> >
> > Again, thank you all for the prompt and knowledgeable feedback. Without my
> > own computer, online time is limited, so I will acknowledge all responses
> > and
> > provide my own in this single message.
> >
> > I did set all three BIOS passwords. Power-on, hard disk, and supervisor...
>
> This information should have been in your very first post. It would have
> avoided a lot of guesswork by respondents.
>
>
>