Cannot enable SED password

[thargthemighty]

I bought a crucial mx200SSD which is SED (self encrypting drive) all I need to do is set up the ATA HDD password and the drive contents will be secure in the event of theft, etc.

However the BIOS menu does not show an option to set HDD password. Is it possible?
My BIOS version is R0180Y9 (SONY VAIO F13 LAPTOP).

I suspect SONY chose not to include this option to prevent users setting a HDD password for some reason. Is there a way to unlock this feature or will I have to accept I cannot protect my data?

I have not actually physically installed the SSD yet so will the 'set HDD password' option appear after I put it in? My current drive is a Seagate Barracuda 1TB 3.5" connected to the eSata by a cable. It supposed to support ATA password but there is no HDD password option for that.

The HDD password is not to be confused with BIOS password. There is a BIOS password option in the menu that prevents someone using the machine but an ATA password is on the disk itself so that even if the disk is taken out, it cannot be accessed without the password.

 

[popatim]

I don't belive the mx200 is a SED, rather is an 'Encryped Drive for Windows' which basically means it will hardware encrypt when you use bitlocker, win 8, 10, or server 2012

 

[thargthemighty]

Thanks for your reply. I am a novice so please excuse me if I don't understand very well.

I'm properly confused now. Crucial don't seem to publish a proper data sheet only a sales brochure. You may be correct that an ATA password is not a supported feature. There seem to be some threads suggesting it isn't and you have to use proprietary non-free software to secure it.
My understanding was that the hardware automatically encrypts all data as it is written by default and decrypts it automatically also. But if the drive is locked, the data cannot be decrypted.

This thread implies it is possible to use ATA password http://forum.crucial.com/t5/Crucial-SSDs/MX200-preferred-encryption-eDrive-vs-TPM-ATA-security/td-p/165487

Where can I find a proper data sheet to confirm if it supports ATA security commands?

This thread says it has ACS-3: http://forum.crucial.com/t5/Crucial-SSDs/ssd-mx200-msata-250gb-hangs-every-time-and-now-is-not-bootable/td-p/173133

So, my problem is in 2 parts; 1. Does the SSD support a ATA password? 2. How do I set the password and enter it to access the drive if there is no BIOS menu option?

I intend to install dual boot win7 + linux so I want the password before startup.

It also says the drive has OPAL and IEEE1667.

Any suggestions?

 

[ex_bubblehead]

First things first. You cannot set the HD password on a drive until you physically install that drive.

Second, if the BIOS does not support setting an HD password then you cannot use that function and must use 3rd party software to encrypt the drive.

 

[thargthemighty]

Thanks. I understand it must first be attached to the computer 🙂 If a BIOS does support hdd password, is it just the case that it sends ATA commands to the SSD to set the password? Then (here is where I am unsure) when you boot, does the BIOS prompt for the password to be entered or does something on the SSD load into memory and prompt for the password? If the latter, perhaps there is a utility to send ATA commands manually to the drive to set the password or put it in a PC whose BIOS can set HDD password and then install it in my laptop after?

If not what 3rd party software is best so I can dual boot? it says it has OPAL standard.

 

[popatim]

Sed: bios knows nothing of the encryption. Its entirely done on the drive. When you startup the pc, the drive presents about 100mb or so 'boot drive' to the bios and the bios boots that built in mini-os. Its that mini-os that asks you for the password and then unlocks the drive.

TPM: Trusted Platform Module on the motherbd 'talks' to the drive. In easy terms once the bios is set to encrypt and the password has set then the bios will ask for the password at boot.

eDrive: Is only available with Microsoft win8/8.1 and 10 PRO and above versions. Bitlocker is used to unlock the drive during the boot process (hence the need for the pro version, the lower versions do not have it) and the drives hardware encryption handles decrypting the drive from that point on. There is no Impact on the CPU and yes the whole drive is/can be secured if the pc/laptop supports UEFI version 2.3.1 and has the EFI_STORAGE_SECURITY_COMMAND_PROTOCOL defined. That part is difficult to ensure, as most manufacturers don’t specify it in their specs.

 

[teknovice]

i'm new to this too, but i think the mx200 is sed

http://www.crucial.com/usa/en/storage-ssd-mx200
"Keep personal files and sensitive information secure from hackers and thieves with AES 256-bit encryption – the same grade used by banks and hospitals. The Crucial MX200 meets or exceeds all industry encryption standards, including Microsoft® eDrive, IEEE-1667, and TCG Opal 2.0."

as to software, i keep seeing the mention of using bitlocker or winmagic to manage a sed, esp if your bios doesnt have the option to set the hard drive password.
i also stumbled across this
https://www.drivetrust.com
they have programs/apps to manage a sed. Seems free but they seem to be in the alpha testing stage. has anyone tried their programs? is it only necessary if you can't set a hard drive password from the bios? also worth mentioning, they have both a windows and mac version