Not booting without a password?

kn
11

I now heard in a new video from Thomary that theoretically you could simply boot Linux onto your laptop via USB stixk and then replace the normal cmd with the admin cmd because you can already use the cmd ind windows at the login screen (where you enter the password) and if you replace the normal cmd via Linux with the admin cmd (by simply changing the name of the file) you can then simply change the password.

I hope I could explain it to you if not then go to this video (

at minute 10:44 he explains it.

My question now is how can you set a password that you need to boot a new operating system?

Pe

The whole thing is a handball trick.

Encrypt disk, BIOS password (which can also be reset) and is good.

The main thing is encrypted.

Ch

My question now is how can you set a password that you need to boot a new operating system?

you could encrypt your hard drive with a program and then you will be asked for a password at startup

but I can avoid true crypt

St

My question now is how can you set a password that you need to boot a new operating system?

well, it all depends on your BIOS.

With some, you can't block anything with a password. You only have one hard drive encryption. However, this is actually always recommended

With some you can at least put the BIOS behind a password. If you now determine the boot sequence so that USB sticks are basically booted to your internal disk, it is not so easy to avoid

With some BIOS you can also set that you have to enter a password for every boot

Depending on the BIOS, this set password can also be bypassed or reset…

Ka

No encryption can't be bypassed. Because the data is no longer in its original form. You need the right key to decode it again

Ka

Locking the BIOS is not recommended. Unfortunately, the manufacturers are often too lazy / stupid to remove the master keys.

Ka

"My question now is how can you set a password that you need to boot a new operating system?"

You do not need a password, as you simply enter the system account that is not password-protected. From there you have access to all data and all rights, so you can also change the passwords of normal users

St

That's why I said it all depends on the BIOS. Business laptops in particular are very well positioned there.

It is also just a hurdle that should not be used alone

Ka

Encrypting the hard drive is simply much more secure.

Yes, it takes a little more time at the beginning, depending on the size, until the hard drive is encrypted, but then it is the safest method.

St

I wrote it too.

Ka

Ok, then i just misunderstood you:-)

Na

Hmm, that's right for the mass of laptop manufacturers.

Lenovo removed the master keys from the Tinkpad back in 2005 and also encrypted the EEPROM for the BIOS parameters. Now it is great security, but if you forget the BIOS password, you are sitting in front of a laptop that is no longer bootable. Then all that remains is to replace the EEPROM with a new one.