Support in other languages: 
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Forums KB Blogs Support Shop
Reply
Topic Options
imjscn
Serial Port
imjscn
Posts: 41
Registered: ‎11-29-2009
Location: Beijing
0
Accepted Solution

How to re-initialize TPM , or CSS is just a Faulse Safty Solution?

Options

‎03-07-2012 08:28 PM

 

When I newly bought the R400, I played around with the security options, but didn't use any except the finger print.  Everytime after I registered a new finger, it recommened me to continue to other CSS features. When I clicked through, it required TPM password which I didn't remember that I set it before. It didn't bother me because I didn't need to use it.

Now I want to use the CSS more than just finger print.   So, I uninstalled the old CSS, cleared Security Chip. Installed new CSS. Now I can get in CSS to manage things, but it doesn't provide a way for me to set the TPM password.

I'm confused, My research shows TPM password is set when it's initialized. I disabled the chip and changed to Inactive, then, reinstalled CSS. Still can't get a way to set the password.

How to set it?

Thinking of anybody who knows my Windows login password can go CSS to manage my secrete makes me feel the CSS is a faulse safty solution. Isn't it?

Hope I was wrong.

 

Regards

Message 1 of 3 (563 Views)
 
Reply
Please use plain text.
 
Lenovo Staff
someotherguy
Posts: 1,571
Registered: ‎10-29-2009
Location: NC
0

Re: How to re-initialize TPM , or CSS is just a Faulse Safty Solution?

Options

‎03-08-2012 06:49 AM

CSS has 2 modes - default mode is "password mode" where CSS uses Windows password.  And you are right, anyone that knows your Windows password will be able to unlock your CSS secrets so it is not very secure.

 

Other mode of CSS is "passphrase mode" where you have a separate CSS passphrase that is not at all related to your Windows password.  This is extremely secure as long as you set an appropriate passphrase.

 

You can choose the mode that CSS uses in the CSS GUI at Control Panel -> System and Security -> Lenovo's Enhanced Security.  Then choose "Change authentication mode" from the "Advanced" menu.

 

You can also read about how CSS works and the different security options in the CSS deployment guide:  http://download.lenovo.com/pccbbs/thinkvantage_en/css83dg_en.pdf

 

What we found from years of customer feedback is that most people do not care at all about security when it is inconvenient to them, this is why the default mode of CSS uses Windows password.  But we still provide the option to have real security with a passphrase.

Message 2 of 3 (542 Views)
 
Reply
Please use plain text.
 
imjscn
Serial Port
imjscn
Posts: 41
Registered: ‎11-29-2009
Location: Beijing
0

Re: How to re-initialize TPM , or CSS is just a Faulse Safty Solution?

Options

‎03-08-2012 07:27 AM

Sorry for rushing into conclusion in my previews post.
I see, so, I will try to commit my secretes to this CSS :-)
Thanks for explaining!
Message 3 of 3 (538 Views)
 
Reply
Please use plain text.
 
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.