Home > Data Storage Media > Hard Disk Drive > More Insights to Hard Disk > Hard Disk Password Security Lock

Hard Disk Myths
Hard Disk Head Crash
Hard Drive Parts by George Hernandez
Hard Disk Smart and Microsoft WM
Hard Disk Password Security Lock

Hard Disk Password Security Lock

Modern hard disks (notably IDE ATA IV and above) support setting of hard disk password lock so user cannot access the drive until correct password is entered. This is a common implementation in most modern notebook. These hard disk lock passwords are not the same as BIOS passwords. Moving a locked hard disk drive to another machine will not unlock it since the hard disk password is stored in the hard disk special system (non-data) zone. Hard disk lock passwords can not be removed by reformatting or zero-filled the disk, fdisk or any other software procedure (with some exception).

As the hard disk lock is part of the more advanced ATA security features, it has some anti-hacked features. For instance, some software could be written to "guess" the password in an attempt to unlock it. However, a power reset must be performed after five guesses so it makes the "hacking" difficult.

The hard disk passwords comes in two kinds of passwords: A User password and a Master password. The Master Password Revision Code (word 92 in the IDENTIFY response with default value of 0xFFFE) can tell you if the Master password has been changed or if it is the factory default. So if the Master Password is unchanged, and if one knows the "default factory password" assigned as the master password, assuming the hard disk lock is not in maximum security mode, one can then bypass the disk lock easily. For security reason, we will not discuss or release what are the default factory password.

A disk can be either locked in High security mode or Maximum security mode. Bit 8 in word 128 of the IDENTIFY response should tell. ie 0 = High, 1 = Maximum.

In High security mode, one can unlock the disk with either the user or master password by using the "SECURITY UNLOCK DEVICE" ATA command.

In Maximum security mode, one can not unlock the disk without knowing the passwords. One way to reuse the disk is to issue the SECURITY ERASE PREPARE command followed by SECURITY ERASE UNIT. However, The SECURITY ERASE UNIT command will require the Master password and all data will be erased as a result.