I am a bit of security expert myself!
pulls out screwdriver
In the past they had jumpers for the same purpose.
IBM ThinkPads could be reset if you beamed a certain radio frequency directly at the BIOS chip. It was documented in the user guide as a feature if you were ever locked out, or the system was no longer booting. It’s been 20 years but I doubt that feature ever went away.
For a while vendors tried to lock down the BIOS pretty hard. Dell might still, I remember having to call and get assistance when a password was forgotten and they had to generate a backdoor key of some sort. Maybe that is less of a thing now that Bitlocker is widely used on corporate laptops and it is sensitive to tampering.
Came here with the exact same thought. The good old PSWD jumper trick to reset the BIOS password.
yeah, I did that in my high school years.(80386~80486 years). The jumper reset is neat cause you can then set the school computer to boot from floppy first instead of booting from whatever source it was set to.
So, how tf you have access to MB? Well, if you are much better at computers than most teachers at school, naturally they let you “help” doing the maintenance(aka, figure out what’s wrong, replace parts etc). I did those free labour so I can play some games during school hours, so that’s a fair trade.
BIOS passwords have only ever been to deter unsophisticated attacks. Though this is more unsophisticated than the rest.
like just removing the battery to reset the CMOS
That hasn’t worked in a while, has it?
on DIY motherboards it still works like this
It’s a little difficult to reset the password if it’s lost otherwise.
Most motherboards store the password in SRAM along with all of the other BIOS settings. Removing or shorting the backup battery will clear everything.
Some motherboards store the password in non volatile memory. That’s usually done in computers intended for business use. If you forget the password, you have to get a reset code from the manufacturer after proving that you are the owner of it.
It’s even more trivial to remove the hard drive and read/write it directly, possibly even booting it on a separate system directly or in a virtual machine. BIOS passwords (on all x86 systems, not just Lenovo) provide very limited security benefits, but they can be sufficient for some basic security requirements.
The BIOS password isn’t a security feature, it is a convenience feature.
At the very least you can just remove the drive and put it into another device. But also you can almost universally just remove the BIOS storage (or even just the battery) and replace it.
Maybe secure boot will change this if the BOIS is measured into the TPM on boot and use as part of the disk encryption key, but I don’t know if even Windows does that.
