12-27-2011 05:49 PM
Thinkpad T420s (4170CTO) with latest BIOS 1.31.
I have set a supervisor password in BIOS and enabled it to prompt for password when entering BIOS. Also I've enabled access to change boot order via F12 key. This setting claims only a supervisor can access this setting, but when I press F12 on startup no password prompt appears. Only when entering BIOS does the password prompt appear.
This seems like a major security issue, as anyone can change the boot order to optical drive or USB drive and access the system, reset Windows admin password with Windows installation disc, etc.
I understand I can disable all other boot options in BIOS, that way no one can boot from anything other than the hard drive. However, I want to password protect the boot order screen instead so I don't have to disable other drives entirely. Is there a way of doing this? The BIOS setting implies that it's password protected but it's not, so is this a bug or am I misunderstanding something?
Thanks in advance!
12-27-2011 06:22 PM