Word – Reset HDD user password, if I know the HDD master password

bioshard drivepasswordsSecurity

The BIOS in my Laptop allows to specify 4 passwords:

  • (BIOS) Administrator Password
  • (BIOS) User Password
  • (HDD) Master password
  • (HDD) User Password

I just created the two HDD passwords. The other passwords are still empty.

Unfortunately, it seems I misspelled (twice) the HDD User Password on creation. It now says "Invalid password" whenever I try. But I still have the HDD master password.

Now I can access the BIOS. But whenever I want to change the HDD User Password, it asks me for the User Password (which is lost) but does not allow me to use the master password instead.

Is there any way to use the master pw to reset the user pw?

Background

There are more details to my personal use case, which are described in Does HDD password in BIOS affect multiple drives equally?. But here I would like to focus on the main question about master password vs user password, so it will help other people which might not have the same use case in all details.

System information

Asus UX32V

"Aptio Setup Utility – Copyright (C) 2011 American Megatrends, Inc"

BIOS Vendor: American Megatrends
Version: 206
VBIOS Version: 2137.I14UX3.006
EC Version: B14U120001

BIOS tabs: Main, Advanced, Boot, Security, Save & Exit

In the "Advanced" tab there is an option "Intel AES-NI", which is currently "[Enabled]". The description is "Enable/Disable Intel Advance Encryption Standard New Instructions (AES-NI).

Best Answer

I solved this problem for my own use case. Here is my observation, without any claim of deep knowledge or understanding.

I used hdparm, following the instructions by user StudMuffin on serverfault, how to unlock a ssd disk with hdparm

Commands

The basic commands, on a Linux where the disk is connected:

hdparm --user-master m --security-unlock PASS /dev/sdx
hdparm --user-master m --security-disable PASS /dev/sdx

Before and after and between these steps, one can use hdparm -I /dev/sdx to check the status.

I would suggest to use some kind of trick to not have the password in bash history.

I did this for all drives that were affected: The on-board iSSD, and the 2.5'' SSD.

Result / Observations

My observation confirms the first comment by JeremyS in there: The HDD master password does unlock the disk and make it completely readable again.

The BIOS now reports that no HDD password is active.

Still I stand by my report that the BIOS did NOT allow me to use the master pw to remove the user pw. Only hdparm was able to do this. I assume that technically this would be possible in BIOS, just my BIOS sucks.

I do NOT know if the HDD password actually did enable the hardware disk encryption, or if it only enabled a weak-ish lock.

Related Question