HP EliteDesk 705 G2 Maintenance and Service Guide - Page 78

Table 5-2 Computer Setup-Security (continued) CAUTION: Clearing the TPM resets it to factory defaults and turns it off. You will lose all created keys and data protected by those keys. Set Up BIOS Power-On Password Lets you set and enable a BIOS power-on password. The power-on password prompt appears after a power cycle or reboot. If the user does not enter the correct power-on password, the unit will not boot. Change BIOS Power-On Password (This selection is active only if a BIOS power-on password is set.) Lets you change the BIOS power-on password. You must know the current password to be able to change it. DriveLock Allows you to assign or modify a master or user password for hard drives. When this feature is enabled, the user is prompted to provide one of the DriveLock passwords during POST. If neither is successfully entered, the hard drive will remain inaccessible until one of the passwords is successfully provided during a subsequent cold-boot sequence. NOTE: This selection will only appear when at least one drive that supports the DriveLock feature is attached to the system. CAUTION: Be aware that these settings take place immediately. A save is not necessary. CAUTION: Be sure to document the DriveLock password. Losing a DriveLock password will render a drive permanently locked. After you select a drive, the following options are available: Set DriveLock Master Password. Sets the drive's master password but does not enable DriveLock. Enable DriveLock. Sets the drive's user password and enables DriveLock. Secure Erase Lets you select a hard drive to completely erase. Once a hard drive has been erased with a program that utilizes Secure Erase firmware commands, no file recovery program, partition recovery program, or other data recovery method will be able to extract data from the drive. Save/Restore MBR of the Enabling this feature will save the Master Boot Record (MBR) of the system hard drive. If the MBR gets system hard drive changed, the user will be prompted to restore the MBR. Default is disabled. The MBR contains information needed to successfully boot from a disk and to access the data stored on the disk. Master Boot Record Security may prevent unintentional or malicious changes to the MBR, such as those caused by some viruses or by the incorrect use of certain disk utilities. It also allows you to recover the "last known good" MBR, should changes to the MBR be detected when the system is restarted. When MBR Security is enabled, the BIOS prevents any changes being made to the MBR of the current bootable disk while in MS-DOS or Windows Safe Mode. NOTE: Most operating systems control access to the MBR of the current bootable disk; the BIOS cannot prevent changes that may occur while the operating system is running. Restores the backup Master Boot Record to the current bootable disk. Default is disabled. Only appears if all of the following conditions are true: ● MBR security is enabled ● A backup copy of the MBR has been previously saved ● The current bootable disk is the same disk from which the backup copy was saved CAUTION: Restoring a previously saved MBR after a disk utility or operating system has modified the MBR, may cause the data on the disk to become inaccessible. Only restore a previously saved MBR if you are confident that the current bootable disk's MBR has been corrupted or infected with a virus. Smart Cover Cover Lock (Lock/Unlock) Default is 'Unlock'. 68 Chapter 5 Computer Setup (F10) Utility