So some time ago I set up a BIOS “User” password and and “Admin” password on a laptop.
For those who doesn’t know. A BIOS “User” password is prompted every time you boot a computer using that motherboard, and the “Admin” password is prompted when you attempt to enter the BIOS settings
If you have both set up, either password is accepted on boot, but only the “Admin” password is accepted for getting into the BIOS Settings.
I’ve just had both of these set up because I’m weird and paranoid (before you say “encryption”, yes the disk is also encrypted), and I got into a habit of just using the Admin password for boot.
But now I think its unnecessary and annoying now and doesn’t seem to do much since the disk is also encrypted, so I tried to remove the “User” password in the BIOS settings, but I forgot the User password. Inputing the Admin password is rejected as “incorrect password”, but its accepted when you try to change to Admin password. Wtf lol. The Laptops I had before this one, allows the Admin to reset the User Password, wtf is this new change? Admin cannot reset User Password? Make zero sense lol. So I guess I’m just stuck with this unchangeable setting? Triggers my OCD so much that there’s a setting now I can’t toggle on/off.
I mean it’s still perfectly usable as long as I keep the Admin password enabled and not mess with that, so this is the definition of mildly infuriating, just very samll annoyance I’m stuck with.
It’s an Asus Zenbook btw if you’re wondering.
sorry for taking a tangent and let me preface by saying I’m not criticizing your setup or desire for security at all. it’s obviously adding a particular kind of physical roadblock to what stealing your stuff would require.
but I discovered that BIOS setting at a young age and have had this burning question about what exactly does it protect? it does prevent booting but in a situation where somebody has access to your computer that only really stops them from using your motherboard right? is OP’s usecase the actual intention, where somebody would be required to physically steal at least part of the computer in order to access it?
On school computers it blocked us from just booting a live usb and accessing the whole disk
Motherboard has a key on it that is used to generate a key pair with your disk when encrypted. So you can’t just snag the drive and pop it in another computer.
Note; I have simplified the technical details above for simplicity, on a technical level you’d want to read up for a technically corrected explanation.
ohhhhhh. I had no idea it did that. no, thank you for simplifying it. I’m only self-taught so I barely have a hobbyist’s understanding of computers.