Bypass BIOS Passwords
Posted by NovaAngel at December 9th, 2006
How to Bypass BIOS Passwords
BIOS passwords can add an extra layer of security for desktop and laptop computers. They are used to eider prevent a user from chan’in’ de BIOS settin’s or to prevent de PC from bootin’ without a password. Unfortunately, BIOS passwords can also be a liability if a user forgets deir password, or changes de password to intentionally lock out de corporate IT department. Sendin’ de unit back to de manufacturer to have de BIOS reset can be expensive and is usually not covered in de warranty. Never fear, all is not lost. There are a few known backdoors and oder tricks of de trade that can be used to bypass or reset de BIOS
DISCLAIMER
This article is intended for IT Professionals and systems administrators with experience servicin’ computer hardware. It is not intended for home users, hackers, or computer thieves attemptin’ to crack de password on a stolen PC. Please do not attempt any of dese procedures if you are unfamiliar with computer hardware, and please use this information responsibly. LabMice.net is not responsible for de use or misuse of this material, includin’ loss of data, damage to hardware, or personal injury.
Before attemptin’ to bypass de BIOS password on a computer, please take a minute to contact de hardware manufacturer support staff directly and ask for deir recommended methods of bypassin’ de BIOS security. In de event de manufacturer cannot (or will not) help you, dere are a number of methods that can be used to bypass or reset de BIOS password yourself. They include:
Usin’ a manufacturers backdoor password to access de BIOS
Use password crackin’ software
Reset de CMOS usin’ de jumpers or solder beads.
Removin’ de CMOS battery for at least 10 minutes
Overloadin’ de keyboard buffer
Usin’ a professional service
Please remember that most BIOS passwords do not protect de hard drive, so if you need to recover de data, simply remove de hard drive and install it in an identical system, or configure it as a slave drive in an existin’ system. The exception to this are laptops, especially IBM Thinkpads, which silently lock de hard drive if de supervisor password is enabled. If de supervisor password is reset without resettin’ de and hard drive as well, you will be unable to access de data on de drive.
——————————————————————————–
Backdoor passwords
Many BIOS manufacturers have provided backdoor passwords that can be used to access de BIOS setup in de event you have lost your password. These passwords are case sensitive, so you may wish to try a variety of combinations. Keep in mind that de key associated to “_” in de US keyboard corresponds to “?” in some European keyboards. Laptops typically have better BIOS security than desktop systems, and we are not aware of any backdoor passwords that will work with name brand laptops.
WARNING: Some BIOS configurations will lock you out of de system completely if you type in an incorrect password more than 3 times. Read your manufacturers documentation for de BIOS settin’ before you begin typin’ in passwords
Award BIOS backdoor passwords:
ALFAROME ALLy aLLy aLLY ALLY aPAf _award AWARD_SW AWARD?SW AWARD SW AWARD PW AWKWARD awkward BIOSTAR CONCAT CONDO Condo d8on djonet HLT J64 J256 J262 j332 j322 KDD Lkwpeter LKWPETER PINT pint SER SKY_FOX SYXZ syxz shift + syxz TTPTHA ZAAADA ZBAAACA ZJAAADC 01322222
589589 589721 595595 598598
AMI BIOS backdoor passwords:
AMI AAAMMMIII BIOS PASSWORD HEWITT RAND AMI?SW AMI_SW LKWPETER A.M.I. CONDO
PHOENIX BIOS backdoor passwords:
phoenix, PHOENIX, CMOS, BIOS
MISC. COMMON PASSWORDS
ALFAROME BIOSTAR biostar biosstar CMOS cmos LKWPETER lkwpeter setup SETUP Syxz Wodj
OTHER BIOS PASSWORDS BY MANUFACTURER
Manufacturer Password
VOBIS & IBM merlin
Dell Dell
Biostar Biostar
Compaq Compaq
Enox xo11nE
Epox central
Freetech Posterie
IWill iwill
Jetway spooml
Packard Bell bell9
QDI QDI
Siemens SKY_FOX
TMC BIGO
Toshiba Toshiba
TOSHIBA BIOS
Most Toshiba laptops and some desktop systems will bypass de BIOS password if de left shift key is held down durin’ boot
IBM APTIVA BIOS
Press both mouse buttons repeatedly durin’ de boot
The followin’ software can be used to eider crack or reset de BIOS on many chipsets. If your PC is locked with a BIOS administrator password that will not allow access to de floppy drive, dese utilities may not work. Also, since dese utilities do not come from de manufacturer, use them cautiously and at your own risk.
Cmos password recovery tools 3.1
!BIOS (get de how-to article)
RemPass
KILLCMOS
Many moderboards feature a set of jumpers or dipswitches that will clear de CMOS and wipe all of de custom settin’s includin’ BIOS passwords. The locations of dese jumpers / dipswitches will vary dependin’ on de moderboard manufacturer and ideally you should always refer to de moderboard or computer manufacturers documentation. If de documentation is unavailable, de jumpers/dipswitches can sometimes be found alon’ de edge of de moderboard, next to de CMOS battery, or near de processor. Some manufacturers may label de jumper / dipswitch CLEAR - CLEAR CMOS - CLR - CLRPWD - PASSWD - PASSWORD - PWD. On laptop computers, de dipswitches are usually found under de keyboard or within a compartment at de bottom of de laptop.
Please remember to unplug your PC and use a groundin’ strip before reachin’ into your PC and touchin’ de moderboard. Once you locate and rest de jumper switches, turn de computer on and check if de password has been cleared. If it has, turn de computer off and return de jumpers or dipswitches to its original position.
The CMOS settin’s on most systems are buffered by a small battery that is attached to de moderboard. (It looks like a small watch battery). If you unplug de PC and remove de battery for 10-15 minutes, de CMOS may reset itself and de password should be blank. (Alon’ with any oder machine specific settin’s, so be sure you are familiar with manually reconfigurin’ de BIOS settin’s before you do this.) Some manufacturers backup de power to de CMOS chipset by usin’ a capacitor, so if your first attempt fails, leave de battery out (with de system unplugged) for at least 24 hours. Some batteries are actually soldered onto de moderboard makin’ this task more difficult. Unsolderin’ de battery incorrectly may damage your moderboard and oder components, so please don’t attempt this if you are inexperienced. Anoder option may be to remove de CMOS chip from de moderboard for a period of time.
On some older computer systems, you can force de CMOS to enter its setup screen on boot by overloadin’ de keyboard buffer. This can be done by bootin’ with de keyboard or mouse unattached to de systems, or on some systems by hittin’ de ESC key over 100 times in rapid succession.
It is also possible to reset de CMOS by connectin’ or “jumpin’” specific solder beads on de chipset. There are too many chipsets to do a breakdown of which points to jump on individual chipsets, and de location of dese solder beads can vary by manufacturer, so please check your computer and moderboard documentation for details. This technique is not recommended for de inexperienced and should be only be used as a “last ditch” effort.
If de manufacturer of de laptop or desktop PC can’t or won’t reset de BIOS password, you still have de option of usin’ a professional service. Password Crackers, Inc., offers a variety of services for desktop and laptop computers for between $100 and $400. For most of dese services, you’ll need to provide some type of legitimate proof of ownership. This may be difficult if you’ve acquired de computer second hand or from an online auction.
