Discuss this tutorial on the AntiOnline Security Forums.
It is appalling how easily security measures are circumvented on most laptops. In the following paragraphs you will learn various methods of securing your laptop against theft and unwanted users tampering with your files. You will also learn how to circumvent most of those security measures should the need arise.
First, let's take look at some the terms we'll be discussing in this tutorial and what they mean.
BIOS - Intended to detect/verify hardware (via POST) and select a boot loader prior to entering the Operating System. This is the very first thing a computer does when powered on.
BIOS Password - A password stored on the motherboard that requires you to authenticate prior to booting into any Operating System.
Operating System - Abbreviated as OS and referring to Windows XP/Vista, Mac OS X, Linux Distributions (Such as Ubuntu, SUSE).
CMOS - The chip on the motherboard where a variety of information (including the BIOS password) is saved.
CMOS Battery - A small battery on the motherboard dedicated to powering the CMOS chip.
MoBo - Motherboard.
Operating System Passwords
I will begin with OS passwords. This is the only security precaution I say is an absolute necessity. If you keep your laptop behind locked doors (i.e. at home) 24/7 and you'd rather not deal with more inconvenient security precautions, at least take the time to set up this password.
Step 1 - Set a password for all administrator accounts, including the hidden Administrator account in Windows XP and Vista. You can access the Admin account in Windows by booting into safe mode. This is accomplished by mashing F8 frenetically as the computer first powers on.
Step 2 - Once this is done, train yourself to lock the computer (Windows key + L in Windows) every time you are away. This will prevent Joe Blow in an adjacent office/dorm room or anyone that happens upon your laptop from sitting down and potentially doing nasty things. Or possibly simply annoying things...like relatives that find if funny to deposit naughty gifts on your desktop.
Step 3 - Secure yourself against telling everyone your password.
Step 4 - Change all administrator passwords from time to time. Realistically this only happens once every six months at best unless you are paranoid.
Unfortunately these passwords are the least secure of all in terms of physical security. Windows XP and Vista passwords are easily wiped out using a variety of applications on boot CD's. I've used four different applications, and I imagine there are many more out there.
The same theory applies to Mac and Linux operating systems as well, although password resetting programs for these OS's are far more obscure. Mac passwords are slightly more secure purely because fewer people know how to reset them (security by obscurity). It took me over an hour one day to figure it out and that was with Google on hand to aid with research.
This article was first published on EnterpriseITPlanet.com.