Thursday, July 06, 2006

Bypass BIOS Passwords

How to Bypass BIOS Passwords
[The original story goes here. I had reproduced it here just in case that page should go off in future.]
BIOS passwords can be add extra layer of security for desktop and laptop computers, and are used to either prevent a user from changing the BIOS settings or to prevent the PC from booting without a password. BIOS passwords can also be a liability if a user forgot their passwords, or if a malicious user changes the password. Sending the unit back to the manufacturer to have the BIOS reset can be expensive and is usually not covered in an a typical warranty. However, there are a few known backdoors and other tricks of the trade that can be used to bypass or reset the BIOS password on most systems.
Backdoor Passwords
Many BIOS manufacturers have provided backdoor passwords that can be used to access the BIOS setup in the event you have lost your password. These passwords are case sensitive, so you may wish to try a variety of combinations.
WARNING: Some BIOS configurations will lock you out of the system completely if you type in an incorrect password more than 3 times. Read your manufacturers documentation for the BIOS setting before you begin typing in passwords.
Award BIOS backdoor passwords:
ALFAROME           BIOSTAR           KDD                ZAAADA
ALLy                CONCAT           Lkwpeter           ZBAAACA
aLLy                CONDO           LKWPETER           ZJAAADC
aLLY                Condo           PINT                01322222
ALLY                d8on           pint                589589
aPAf                djonet           SER                589721
_award                HLT           SKY_FOX           595595
AWARD_SW           J64           SYXZ                598598
AWARD?SW           J256           syxz            
AWARD SW           J262           shift + syxz            
AWARD PW           j332           TTPTHA            
AWKWARD           j322                        
awkward                                     
AMI BIOS Backdoor Passwords:
     AMI                BIOS           PASSWORD           HEWITT RAND
     AMI?SW           AMI_SW           LKWPETER           CONDO
Phoenix BIOS Backdoor Passwords:
     phoenix           PHOENIX           CMOS           BIOS
Misc. Common Passwords
     ALFAROME           BIOSTAR           biostar                biosstar
     CMOS           cmos           LKWPETER           lkwpeter
     setup           SETUP           Syxz                Wodj
Other BIOS Passwords by Manufacturer
     Manufacturer           Password
       
     VOBIS & IBM          merlin
     Dell               Dell
     Biostar          Biostar
     Compaq          Compaq
Enox               xo11nE
     Epox               central
     Freetech          Posterie
     IWill               iwill
     Jetway          spooml
     Packard Bell          bell9
     QDI               QDI
     Siemens          SKY_FOX
     TMC               BIGO
     Toshiba          Toshiba
Toshiba BIOS
Most Toshiba laptops and some desktop systems will bypass the BIOS password if the left shift key is held down during boot
IBM Aptiva BIOS
Press both mouse buttons repeatedly during the boot
Using the Motherboard "Clear CMOS" Jumper or Dipswitch settings
Many motherboards feature a set of jumpers or dipswitches that will clear the CMOS and wipe all of the custom settings including BIOS passwords. The locations of these jumpers / dipswitches will vary depending on the motherboard manufacturer and ideally you should always refer to the motherboard or computer manufacturers documentation. If the documentation is unavailable, the jumpers/dipswitches can sometimes be found along the edge of the motherboard, next to the CMOS battery, or near the processor. Some manufacturers may label the jumper / dipswitch CLEAR - CLEAR CMOS - CLR - CLRPWD - PASSWD - PASSWORD - PWD. On laptop computers, the dipswitches are usually found under the keyboard or within a compartment at the bottom of the laptop.
Please remember to unplug your PC and use a grounding strip before reaching into your PC and touching the motherboard. Once you locate and rest the jumper switches, turn the computer on and check if the password has been cleared. If it has, turn the computer off and return the jumpers or dipswitches to its original position.
Removing the CMOS Battery
The CMOS settings on most systems are buffered by a small battery that is attached to the motherboard. (It looks like a small watch battery). If you unplug the PC and remove the battery for 10-15 minutes, the CMOS may reset itself and the password should be blank. (Along with any other machine specific settings, so be sure you are familiar with manually reconfiguring the BIOS settings before you do this.) Some manufacturers backup the power to the CMOS chipset by using a capacitor, so if your first attempt fails, leave the battery out (with the system unplugged) for at least 24 hours. Some batteries are actually soldered onto the motherboard making this task more difficult. Unsoldering the battery incorrectly may damage your motherboard and other components, so please don't attempt this if you are inexperienced. Another option may be to remove the CMOS chip from the motherboard for a period of time.
Note: Removing the battery to reset the CMOS will not work for all PC's, and almost all of the newer laptops store their BIOS passwords in a manner which does not require continuous power, so removing the CMOS battery may not work at all. IBM Thinkpad laptops lock the hard drive as well as the BIOS when the supervisor password is set. If you reset the BIOS password, but cannot reset the hard drive password, you may not be able to access the drive and it will remain locked, even if you place it in a new laptop. IBM Thinkpads have special jumper switches on the motherboard, and these should be used to reset the system.

No comments: