All major operating systems offer a way to set up a login password. This gives people the feeling that access to their computer is protected and their files are private. Unfortunately, this is just an illusion. If you boot, say, Ubuntu from a USB drive, you can mount a Windows partition and read all the files without providing a password. People are in for a bit of a shock when they find out how easy it is.
ContentsYour drives have their own "operating system"How to setup drive password from BIOS or UEFIEnter UEFI/BIOS setupPassword lock drivesConclusionBut that doesn't mean protecting your login account with a password is useless, just that it's more of a method of restricting access when you temporarily leave your desk. But what if you want to make sure no one can read your files while you leave your computer unattended for hours or days?
One solution to keeping your data private is full disk encryption. Another simple solution is to password protect the disk itself. Firmware is software that runs on a device, and disks have it too. This is independent of your operating system and may apply its own rules, which means that no one will be able to read and write to this disk without providing the appropriate password. The disk itself will deny all access and cannot be fooled by another operating system. Even if the disk is removed and moved to another computer, access will be denied.
You can think of UEFI as a kind of micro-operating system that runs on your computer before anything else is loaded (like bootloader, Windows, drivers, etc.) . You will enter its configuration menu to configure the passwords. The BIOS is similar but is only used on fairly old computers.
Unfortunately, there is no standard way to access this menu. Each motherboard manufacturer freely chooses the desired configuration key. But, usually, after pressing the power button on your computer, you need to quickly press DEL , ESC , F1 , F2 , F10 , F12 to enter setup. If you have the BIOS, this is the only way to access its settings. Press one of these keys several times to be sure that UEFI/BIOS picks it up. If none of the keys work, read your motherboard's printed manual or search online to find the required key.
On modern UEFI implementations, you can reboot into this configuration menu directly from Windows.
The UEFI/BIOS setup menus don't have a standard set in stone either. Each manufacturer implements their own desired version. The menu can include either a Graphical User Interface (GUI) or a Textual User Interface (TUI).
Use the left or right arrow keys to navigate to the "Security" tab (or equivalent) if your setup will look like the following image.
Do not confuse disk user password with UEFI/BIOS user password.
If the options to set user password/master password for disks are grayed out, it means you need to restart the machine. Simply turn it off, turn it back on, then press the required key to enter UEFI/BIOS setup. This must happen before Windows starts, otherwise UEFI/BIOS will re-lock the disk security settings as a measure to protect against unauthorized changes (e.g. malware could use it to lock you out).
Set the disk user password. After you save it, the computer will ask you for this password every time you turn it on to unlock the drive. If you have the option available, set the master password as well, just to make sure you override the factory default password.
Save BIOS/UEFI settings and exit. (The appropriate key to do this should be displayed somewhere on the screen.)
At this point, you know your drive is safely locked when you leave your computer unattended. And, if you wish, you can also password protect access to your BIOS/UEFI settings. This will generally be referred to as an "administrator password". The "User Password" is used for different purposes and is not really required in this particular case. But if it's the only one you have, configure it to prevent unauthorized changes to your BIOS/UEFI settings. It should be noted, however, that if someone opens your computer case, this password can be reset. Consider this a "lightweight" security measure.
