BIOS Vs Windows Password

Discussion in 'Polling Station' started by Fergal1982, Jul 11, 2004.

?

Which Type of Password do you Use?

  1. BIOS

    1 vote(s)
    7.7%
  2. OS

    8 vote(s)
    61.5%
  3. Both

    4 vote(s)
    30.8%
  1. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    ok, i have a BIOS password set on my laptop, with no windows password, simply so i can boot, enter the password, and leave (unless i want to boot to linux, which involves selecting linux at the bootloader, then entering the password at linux, lol).

    so im just wondering what you guys use, and what the merits of one over the other are!

    Discuss.....

    Fergal
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  2. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    5,749
    200
    246
    well Bios passwords are handy, but they can be circumvented in under 5 minutes on most machines

    they do however stop people booting say, a knoppix CD and accessing files you might not want them accessing

    Windows passwords should be a requirement for any machine on a network, simply because network services and such are accessed with that password, so a blank one puts the machine at considerable risk

    I dont actually have a 'bios system' password, just a 'bios' password

    this means a password is required to enter the bios, but not boot the machine

    I also use EFS and PGP
     
    Certifications: MCSE, MCITP, VCP
    WIP: > 0
  3. Sandy

    Sandy Ex-Member

    1,091
    2
    65
    Hi All

    Depends on what type of security you are looking for. BIOS gives physical security in that to sit at the machine you need to logon to the hardware. OS gives logical security in that if you want to log onto the machine that is connected to a network or the Internet you need a user name and password.

    At work and home I have an OS password as you need keys to get into the buildings so that is my physical security:!:
     
  4. nugget
    Honorary Member

    nugget Junior toady

    7,796
    71
    224
    Fergal, as Phoenix pointed out the BIOS password can be circumvented in about 5 minutes through default backdoors the manufacturers include. All it needs is someone to sit there at the machine and surf the net for a list of the default passwords, 5 minutes later they are in.

    However in saying that if a bad guy gets to sit at your machine, it's not yours anymore.
     
    Certifications: A+ | Network+ | Security+ | MCP (270,271,272,290,620) | MCDST | MCTS:Vista
    WIP: MCSA, 70-622,680,685
  5. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    6,897
    182
    221
    I'm with Sandy, wot he said
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
  6. SimonV
    Honorary Member

    SimonV Petabyte Poster Gold Member

    6,651
    180
    258
    OS passwords for me, Phoenix made a point about network services and such that are accessed with the admin password, so a blank one puts the machine at considerable risk and I would have to second that point too. If your running your PC with a blank password and you have admin privileges your leaving the door open to all manner of nasty consequences.
     
    Certifications: MOS Master 2003, CompTIA A+, MCSA:M, MCSE
    WIP: Keeping CF Alive...
  7. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    think you guys may be right. so, to that end, i have installed a p/word onto my user acc. ive also set up an acc for my girlfriend (limited user in xp home - remind me, limited users cant delete system files can they????)

    Fergal
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  8. punkboy101
    Honorary Member

    punkboy101 Back from the wilderness

    942
    2
    62
    Nope, she sholdn't be able to delete anything important, just her own files that she has created. I don't think she is able to install anything either, so you may have to install anything she wants to use through your account, and then give her access.

    HTH

    Andy
     
    Certifications: CCNA
    WIP: Nada
  9. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    9,924
    74
    229
    OS password for me - my theory being that w2k/XP is tight enough if applied properly. I've never bothered with the BIOS to honest (just one more to forget after all)

    Must say, I'm proud of my 6 year old daughters ability to use her password responsibly on her PC (I'm not that Victorian a Dad before you all start hollering - her account has a p/w solely because you need to have one to RDP into her machine).

    An interesting quandary arose this weekend though, when she asked me what my password was. Hmmm, what do you do then ??? :hhhmmm
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  10. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    id just point out that everyone is supposed to have their own password, and that they arent supposed to tell anyone what it is, its their own secret!
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  11. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    or i spose you could just point out that its best that she doesnt know it, so that she cant accidentally break the pc. that way, she understands that her account wont let her break it, and that if she knew your p/w then it might cause harm to the pc!

    Fergal
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  12. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    9,924
    74
    229
    Correct answer is in fact


    C: Bottle it and change the subject - after all, you are her father :p
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  13. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    6,897
    182
    221
    Huh coward


    you tell her to keep her nose out or else :twisted:

    My kids have got their own machine that they are administrators on but on my pc they are users with very limited rights :dry

    They both have their own p/w I have mine and then there's the admin, and no-one knows that one except ME :biggrin
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
  14. nugget
    Honorary Member

    nugget Junior toady

    7,796
    71
    224
    Start implementing 15+ character passwords[​IMG]
     
    Certifications: A+ | Network+ | Security+ | MCP (270,271,272,290,620) | MCDST | MCTS:Vista
    WIP: MCSA, 70-622,680,685
  15. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    5,749
    200
    246
    in my world nobody goes near my PC but me! :P
    still has a password with 2.396736928364335973507765129444e+90 combinations though (18^72)
     
    Certifications: MCSE, MCITP, VCP
    WIP: > 0

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.