03-07-2012 08:28 PM
When I newly bought the R400, I played around with the security options, but didn't use any except the finger print. Everytime after I registered a new finger, it recommened me to continue to other CSS features. When I clicked through, it required TPM password which I didn't remember that I set it before. It didn't bother me because I didn't need to use it.
Now I want to use the CSS more than just finger print. So, I uninstalled the old CSS, cleared Security Chip. Installed new CSS. Now I can get in CSS to manage things, but it doesn't provide a way for me to set the TPM password.
I'm confused, My research shows TPM password is set when it's initialized. I disabled the chip and changed to Inactive, then, reinstalled CSS. Still can't get a way to set the password.
How to set it?
Thinking of anybody who knows my Windows login password can go CSS to manage my secrete makes me feel the CSS is a faulse safty solution. Isn't it?
Hope I was wrong.
Solved! Go to Solution.
03-08-2012 06:49 AM
CSS has 2 modes - default mode is "password mode" where CSS uses Windows password. And you are right, anyone that knows your Windows password will be able to unlock your CSS secrets so it is not very secure.
Other mode of CSS is "passphrase mode" where you have a separate CSS passphrase that is not at all related to your Windows password. This is extremely secure as long as you set an appropriate passphrase.
You can choose the mode that CSS uses in the CSS GUI at Control Panel -> System and Security -> Lenovo's Enhanced Security. Then choose "Change authentication mode" from the "Advanced" menu.
You can also read about how CSS works and the different security options in the CSS deployment guide: http://download.lenovo.com/pccbbs/thinkvantage_en/
What we found from years of customer feedback is that most people do not care at all about security when it is inconvenient to them, this is why the default mode of CSS uses Windows password. But we still provide the option to have real security with a passphrase.
03-08-2012 07:27 AM