Hard disks (IDE ATA IV and above) support settings of one standard security feature -Hard Disk Password Lock. The password length has a maximum length of up to 32 characters. Once activated, user cannot access the hard disk drive until correct password is entered. Most notebook BIOS carried such password lock feature. Moving a locked hard disk drive to another machine or as secondary drive will not gain access as the password is stored in the firmware or non-data zone and will not be bypassed until a matching password is supplied. So reformatting the drive or zero filled the disk will not be the solution to access the drive which will not get ready for such operation anyway.
Some modern USB hard disk also supports the same kind of security feature.
Hard disk lock is part of the more advanced ATA security features, it has some anti-hacked features. For instance, some software could be written to “guess” the password in an attempt to unlock it. However, a power reset must be performed after five guesses so it makes the “hacking” difficult.
The hard disk passwords comes in two kinds of passwords: A User password and a Master password. The Master Password Revision Code (word 92 in the IDENTIFY response with default value of 0xFFFE) can tell you if the Master password has been changed or if it is the factory default. So if the Master Password is unchanged, and if one knows the “default factory password” assigned as the master password, assuming the hard disk lock is not in maximum security mode, one can then bypass the disk lock easily. For security reason, we will not discuss or release what are the default factory password.
A disk can be either locked in High security mode or Maximum security mode. Bit 8 in word 128 of the IDENTIFY response should tell. ie 0 = High, 1 = Maximum.
In High security mode, one can unlock the disk with either the user or master password by using the “SECURITY UNLOCK DEVICE” ATA command.
In Maximum security mode, one can not unlock the disk without knowing the passwords. One way to reuse the disk is to issue the SECURITY ERASE PREPARE command followed by SECURITY ERASE UNIT. However, The SECURITY ERASE UNIT command will require the Master password and all data will be erased as a result.
If the password is forgotten or lost, whether the drive can be unlocked or not depends on the security level used (high or maximum security) and model of drives.
Data recovery Salon welcomes your comments and share with us your ideas, suggestions and experience. Data recovery salon is dedicated in sharing the most useful data recovery information with our users and only if you are good at data recovery or related knowledge, please kindly drop us an email and we will publish your article here. We need to make data recovery Salon to be the most professional and free data recovery E-book online.