Step 4: Managing the BIOS password

You could also consider adding power-on passwords to critical systems such as servers and laptops. It could be argued that every system is critical if it provides network access or contains sensitive information. (I haven't come across a computer that doesn't meet at least one of these criteria.) This could certainly add some administrative overhead, especially for remote users and servers stored in unmanaged offices or data centers that have to be rebooted occasionally. As I've shown here, adding BIOS passwords is not a foolproof measure, and they may just cause more trouble than they're worth, so proceed with caution. BIOS passwords do offer another layer of security that can buy you time or force an amateur hacker to give up. Bottom line, determine what's really at risk, how BIOS passwords would fit into your organization's culture and politics, and refer back to some alternate recommendations listed at the end of my laptop hacking guide.

BIOS password hacking

 Home: Introduction
 Step 1: Guess BIOS passwords yourself
 Step 2: Fiddle with the hardware
 Step 3: Crack them with software
 Step 4: Managing the BIOS password

ABOUT THE AUTHOR:

Kevin Beaver, CISSP, is an independent information security consultant, author and speaker with Atlanta-based Principle Logic LLC. He has more than 18 years of experience in IT and specializes in performing information security assessments. Beaver has written five books including Hacking For Dummies (Wiley), Hacking Wireless Networks For Dummies, (Wiley) and The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He can be reached at kbeaver@principlelogic.com. Copyright 2006 TechTarget

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT User passwords and network permissions 20 days to a more secure enterprise Eight is too many characters for strong passwords Nine common password oversights to avoid Secure your Windows systems with proper password practices Managing multiple passwords in Windows Windows desktop endpoint security challenges podcast series How to strike a balance between Windows security and business needs Managing single sign-on security burdens in Windows Build secure computer password policies Remote user security checklist

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary key-value pair  (SearchEnterpriseDesktop.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary