Data Centers

TechRepublic Tutorial: Bypass a BIOS password using these techniques

Techniques for bypassing a BIOS password

BIOS passwords offer an extra level of security for your computer system by requiring users to enter a password before they can enter the setup programs or start the operating system. But BIOS passwords can also give you headaches if the passwords are lost, forgotten, or put on the system by a disgruntled employee. I will provide you with some tips for circumventing unknown BIOS passwords so that you will be able to use the computer system once again.

An introduction to BIOS passwords
There are primarily two types of BIOS passwords that can be used to protect a computer system. The first type requires the user to enter a password before being granted access to the computer's setup programs. Many system administrators will use these types of passwords to prevent their users from modifying the system configuration. Such a strategy can reduce the number of problems that are created by users who attempt to fix their own problems or want to try making their system run faster by making modifications.

The second type of BIOS security requires the user to enter a password before the operating system is started. This type of password is used to prevent an unauthorized user from accessing the system. When such a security measure has been implemented, users will be unable to boot the system in any manner unless they have the password. Such stringent security measures are often used in government installations or wherever tight security is a high priority.

Backdoor passwords
One method for unlocking a BIOS password is to use the BIOS manufacturer's "backdoor password." These passwords are hard coded into the BIOS by the manufacturer and will override any user-created password. While this might sound like an easy solution, you must know who made the BIOS, what BIOS version has been installed in the system, and what backdoor password was used for the BIOS. As an extra security measure, many BIOS manufacturers have added a feature that will lock you out of the system completely if you try to guess the password and enter it incorrectly three times. In addition, since laptops have better BIOS security than their desktop cousins, they typically do not employ the use of backdoor passwords. If you would like to learn the backdoor BIOS password for a system, your only choice is to contact the BIOS manufacturer or read the documentation that came with the system.

Bypass BIOS passwords with keyboard errors
Another method you can use to gain access to the BIOS setup programs is to overload the keyboard buffer by holding down a key as the system boots. Once the buffer has been overloaded, you will receive an error message and will be taken into the setup programs where you can change the password or prevent the use of a BIOS password. This method does not work on all BIOS programs, but it is worth trying because it really can’t do any damage or permanently lock you out of the system.

Resetting the CMOS using motherboard jumpers
Some motherboard manufacturers provide jumpers that allow technicians to easily reset the CMOS values to their default settings. This method will eliminate a user-created BIOS password and set the value of the Use BIOS Password field to No. Generally, to reset the CMOS values, you would turn the system off, change the jumper settings according to the motherboard's documentation, and turn the system back on. You will be taken into the BIOS setup program, where you can change the CMOS configuration as you see fit. After exiting the BIOS, you should turn the system off, return the jumpers to their original setting, and power the computer on again. The system will boot using the new configuration data, and you will no longer be prompted for a BIOS password.

If you elect to reset the CMOS values to erase the BIOS password, you will lose all information that was previously stored in CMOS. If you have backed up your CMOS settings using the CMOSSAVE program, you can easily restore them. Make sure that your backup copy does not require the use of the BIOS password. If it does, you will be right back where you started.

Removing the CMOS battery
If your motherboard does not have BIOS reset jumpers, you can reset the CMOS data by removing the CMOS battery. Once again, this will set all CMOS values to their default settings, including eliminating the use of a BIOS password.

When you remove the CMOS battery from the system, you should leave it out for at least 10 minutes. This length of time should suffice for most systems, but some may require up to 24 hours for the data to be erased. Again, if you attempt to restore your CMOS settings, be sure to use a backup copy that does not require the use of a password.

Password-cracking software
Software is available from several manufacturers that allow you to crack or reset BIOS passwords. Three such programs are RemPass, KILLCMOS, and CMOS Password Recovery Tools 4.0. Keep in mind that if you are unable to boot the PC from a floppy disk, you will be unable to use these programs. Additionally, since the software does not come from the BIOS manufacturer, you will be using it at your own risk. But used as a last resort, these programs can come in handy when you are at wit's end from troubleshooting an unknown BIOS password.


Editor's Picks