Lenovo PC 300PL Using your Personal Computer - PC300PL - 6592 - Page 65
Enabling and Disabling Enhanced Security
![]() |
View all Lenovo PC 300PL manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 65 highlights
in a highly-protected, nonvolatile, security EEPROM module that is separate from CMOS memory and the EEPROM module that stores system programs. (Refer to "System Programs" on page 28 for information on system programs.) When your administrator password and boot sequence are locked in the security EEPROM, they remain intact even if the battery in your computer expires or is removed by someone. Enhanced security can be enabled or disabled only when you update system programs. The procedure for enabling enhanced security is explained under "Enabling and Disabling Enhanced Security" on page 52. If enhanced security is enabled and you have not set an administrator password, your computer will operate as if enhanced security were disabled. If enhanced security is enabled and you have set an administrator password, your computer will operate as follows: The contents of the security EEPROM (your administrator password and boot sequence) will be protected from failure of the battery and CMOS memory. The security EEPROM will be protected from unauthorized access because it locks after your computer is turned on and the system programs have completed their startup routine. Once it is locked, the security EEPROM cannot be read from or written to by any software application or system software until the computer is turned off and back on again. In a networking environment, this might prevent certain functions from being performed remotely on your computer. There is an extra measure of protection for the system programs in your computer. Normally, the entire contents of the system programs EEPROM is write protected with a soft lock. A soft lock allows the POST/BIOS update utility to function in a network environment. Enhanced security adds a hard lock. With a hard lock, when your computer is turned on and the system programs startup routine is completed, the POST/BIOS update utility is locked and cannot be unlocked until the computer is turned off and back on again and the administrator password is entered. Note that, in a networking environment, this prevents the system programs in your PC from being updated remotely. Someone must be present at your computer to turn it on and off in order to unlock the POST/BIOS update utility. A tamper-detection feature will alert you if the cover of your computer has been removed. This feature will work if your computer is on or off when the cover is removed. If the cover has been removed, a prompt for your administrator password will appear on the screen, and your PC will remain in a halted state until your administrator password is entered. Chapter 4. Configuring Your Computer. 51
![](/manual_guide/products/lenovo-pc-300pl-using-personal-pc300pl-6592-aec03b2/65.png)