04-01-2019 12:15 PM
After we were recently burgled I want to ensure our new laptop is made as useless as possible to any potential thief, I have:
1) Upgraded to Windows 10 Pro and enabled Bitlocker
2) Set a strong Administrator Password in BIOS and stored in keysafe - our old laptop had Bitlocker but I never thought to lock the BIOS
3) Upgraded to latest BIOS version
4) Removed all devices apart from the internal hard drive from the boot device list, meaning you need to go into the BIOS (with supervisor password) in order to boot from another source
Is there anything else I can do? If the thief removes the SSD from the machine and re-installs windows on another device is the BIOS smart enough to detect the UEFI files have changed and require Supervisor password again? Would swapping the drive be considered a boot device change and also require Supervisor password? I understand with bitlocker enabled the TPM monitors the boot files for tampering?
Solved! Go to Solution.
04-01-2019 02:48 PM
Welcome to the Community Forums.
Other softwares are also available for added security but with the Supervisor BIOS password, the hardware security should be enough.
If they would not be able to provide it then other ways on unlocking is to replace the motherboard itself since it is embeded on a chip soldered onboard.
Even if the harddrive is replaced, system would not allow it to proceed further. They cannot even install Windows in the machine. Bitlocker can secure the contents of your harddrive but can be erased or reformatted on a different machine.
So if you forgot your BIOS password, most likely no one in Lenovo or any support department can unlock it and you may have to replace the entire motherboard itself.
I hope this helps answer your query.
04-02-2019 03:49 AM