Step 2 in BIOS cracking: Fiddle with the hardware

The second in an alarming series

For starters, the tried and true method of resetting BIOS passwords on desktops and servers (i.e., not laptops) is to unplug the battery from the real-time clock. Refer to your owner's manual or vendor Web site for specific information on how to do this. A previous tip, How to Bypass BIOS Passwords, and an article about contacting third-party companies, have links to various manufacturers that may help. Otherwise, contact your computer vendor directly.
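From the defender's side, the battery-removal reset described above tends to leave a trace, because the real-time clock loses power along with the stored settings. The following Python check is an added example, not part of the original article. It assumes a Linux host exposing `/sys/class/rtc/rtc0/since_epoch` and `/sys/class/dmi/id/bios_date`, assumes the clock falls back to a firmware default on power loss, and uses a constructed 24-hour skew threshold and constructed sample values.

```python
"""Flag a real-time clock that looks like it lost battery power (added example)."""
from datetime import datetime, timezone
from pathlib import Path

# Linux sysfs locations; the rtc0 device name is an assumption about the host.
RTC_EPOCH = Path("/sys/class/rtc/rtc0/since_epoch")
BIOS_DATE = Path("/sys/class/dmi/id/bios_date")   # firmware release date, MM/DD/YYYY
MAX_SKEW_SECONDS = 24 * 3600                       # constructed threshold, tune per site


def parse_bios_date(text):
    """Turn the DMI 'MM/DD/YYYY' string into an aware UTC datetime."""
    return datetime.strptime(text.strip(), "%m/%d/%Y").replace(tzinfo=timezone.utc)


def assess_rtc(rtc_epoch, bios_date_text, trusted_now):
    """Return a list of findings; an empty list means nothing suspicious.

    Assumption: pulling the RTC battery also drops the clock back to a
    firmware default, which is usually at or before the firmware release date.
    """
    findings = []
    rtc_time = datetime.fromtimestamp(rtc_epoch, tz=timezone.utc)
    if rtc_time < parse_bios_date(bios_date_text):
        findings.append("rtc_before_firmware_date")
    skew = abs((trusted_now - rtc_time).total_seconds())
    if skew > MAX_SKEW_SECONDS:
        findings.append("rtc_skew_exceeds_threshold")
    return findings


def assess_local_host(trusted_now=None):
    """Read the live values from sysfs. trusted_now should come from a source
    the RTC cannot influence (for example an authenticated time server); the
    system clock is only a fallback and is itself seeded from the RTC at boot."""
    now = trusted_now or datetime.now(timezone.utc)
    return assess_rtc(int(RTC_EPOCH.read_text()), BIOS_DATE.read_text(), now)


if __name__ == "__main__":
    # Constructed sample: firmware dated 2005, clock reads 1 Jan 2002 after a reset.
    reset_epoch = int(datetime(2002, 1, 1, tzinfo=timezone.utc).timestamp())
    now = datetime(2006, 6, 1, 12, 0, tzinfo=timezone.utc)
    print(assess_rtc(reset_epoch, "03/15/2005", now))
    print(assess_rtc(int(now.timestamp()) - 30, "03/15/2005", now))
```

A finding is a prompt to inspect the machine and its firmware settings, not proof of tampering; a dead battery produces the same result.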

Some computers have a password reset jumper or DIP switch that you can use to reset BIOS passwords. You must locate this reset point on the motherboard and then, usually, you'll have to power up the computer once or twice with the jumper or DIP switch set in the proper position for the reset to occur.

Another trick you can try in order to get into your BIOS without a password is to make a hardware change, such as removing a memory chip or disconnecting a hard drive. Also, you may want to try disconnecting the keyboard before powering on to see how the computer responds. If it boots into the BIOS setup, you can then plug the keyboard back in and you should be able to start typing (and resetting the password).

With laptops, BIOS passwords are stored in a non-volatile security chip, which means you won't be able to simply unplug the battery to reset it. And, if none of the previous methods works, your best bet with laptops is to call on a company such as Password Crackers Inc., which offers replacement chips that allow you to bypass your BIOS password altogether on boot. This requires soldering and other technical work that may be best left up to your local computer repair shop.

If you are able to replace your security chip but then reach a point where you cannot continue booting and accessing your hard drive, your drive is likely password protected with (hopefully) the same BIOS password. In this case, you can send in your laptop security chip to Password Crackers and they can recover the password for you. You could also set up your own memory chip reader/programmer and do this yourself. I don't recommend it, but if you're adamant about tinkering with and programming your own memory chips, the program notes file (cmospwd.txt) for the CmosPwd program outlines where these passwords are stored on the memory chips of various late-model laptops.

I've seen situations where people assume they need a BIOS password to boot a computer. You may see a flashing cursor or hear a few beeps right after you turn the power on that make you think the computer is prompting you for a power-on password. In fact, quite the opposite may be taking place.

Your computer may be experiencing a hardware failure. It could be bad memory installed, the wrong memory installed, motherboard problems, video card failure -- you name it. Usually, you can find out what the beeps mean at your BIOS or motherboard manufacturer's Web site, the owner's manual that came with your computer or at computer hardware sites such as BIOS Central. If you're not comfortable going down this path and opening up your computer to remove/swap/replace hardware, then, again, hire an expert to take a look-see and find the problem.


Kevin Beaver, CISSP, is an independent information security consultant, author and speaker with Atlanta-based Principle Logic LLC. He has more than 18 years of experience in IT and specializes in performing information security assessments. Beaver has written five books including Hacking For Dummies (Wiley), Hacking Wireless Networks For Dummies (Wiley) and The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach).
Copyright 2006 TechTarget
