• Para_lyzed@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    10 months ago

    Just wanted to add that your BIOS password can be circumvented by taking out the CMOS battery. That will clear all your settings and allow unrestricted access. A BIOS password should absolutely never be used as a form of security, it is trivial to bypass.

    Granted, I don’t believe that the TPM will give the key if secure boot were disabled, I just wanted to mention that BIOS passwords don’t do anything against any real attack.

    • asudox@lemmy.worldOP
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      10 months ago

      I also want to add that the TPM will request the recovery key if the BIOS goes back to factory defaults. I also think changing the secure boot setting might trigger it. If that’s the case then a BIOS password is pretty useless.

      • Para_lyzed@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        10 months ago

        I believe that the TPM will refuse to provide keys after secure boot is disabled, but I didn’t intend to imply that it could be used to bypass TPM decryption or anything. Just as an aside that BIOS passwords are effectively useless at preventing access to the BIOS.

        • asudox@lemmy.worldOP
          link
          fedilink
          arrow-up
          1
          ·
          10 months ago

          It does seem like most of the TPMs indeed do not provide the keys if secure boot is disabled. Sorry for the misunderstanding.