News Cyber Security Expert Defeats Lenovo Laptop BIOS Password With a Screwdriver

Toggle sidebar Toggle sidebar
If you literally have physical access to the device. Why in god's name would you try to bypass the BIOS password instead of just ripping out the storage device.

To reuse and old device makes sense, but then this has nothing to do with "security".
 
  • Like
Reactions: artk2219
PlaneInTheSky said:
If you literally have physical access to the device. Why in god's name would you try to bypass the BIOS password instead of just ripping out the storage device.

To reuse and old device makes sense, but then this has nothing to do with "security".
Click to expand...
some of us got paid to recover lost passwords with a screwdriver
 
  • Like
Reactions: artk2219
What happened to just shorting the CMOS battery? I did this with kitchen tongs in a pinch for a friend. Her ex boyfriend put a bios password on hers when she broke up with him.
 
  • Like
Reactions: artk2219
shaftdonuts said:
What happened to just shorting the CMOS battery? I did this with kitchen tongs in a pinch for a friend. Her ex boyfriend put a bios password on hers when she broke up with him.
Click to expand...
Apparently that doesn't work on newer laptops. From the cyber security blog being referenced:

"An old approach to resetting the BIOS would be to remove the coin cell battery and wait 5-10 minutes. This resets the BIOS configuration to factory defaults. This may have worked previously; however, on modern systems the configuration is stored in non-volatile storage on the motherboard. A different approach would need to be taken with these laptops."

blog.cybercx.co.nz

Hardware Hacking to Bypass BIOS Passwords

A beginners hardware hacking journey of performing a BIOS password bypass on Lenovo laptops. In this article we identify what the problem is, how to identify a vulnerable chip, how to bypass a vulnerable chip, and finally identify why this attack works and ways that it can be prevented.
blog.cybercx.co.nz blog.cybercx.co.nz
 
  • Like
Reactions: artk2219
PlaneInTheSky said:
If you literally have physical access to the device. Why in god's name would you try to bypass the BIOS password instead of just ripping out the storage device.

To reuse and old device makes sense, but then this has nothing to do with "security".
Click to expand...
Because the goal here is not to strip the parts, it's to regain full access to the BIOS and computer. Making a more usable computer than one stuck with a locked BIOS.
 
  • Like
Reactions: TJ Hooker
Ah, a 'new' hack that's been known for literally over two decades. Shorting the I2C pins to clear the BIOS (and later UEFI) password is a trick that dates back to before Lenovo acquired the Thinkpad line from IBM.

This is specifically for resetting the Supervisor password. The regular boot BIOS password can be reset trivially if there is no supervisor password present, and the procedure is even detailed in the manual.
 
  • Like
Reactions: LabRat 891
edzieba said:
Ah, a 'new' hack that's been known for literally over two decades. Shorting the I2C pins to clear the BIOS (and later UEFI) password is a trick that dates back to before Lenovo acquired the Thinkpad line from IBM.

This is specifically for resetting the Supervisor password. The regular boot BIOS password can be reset trivially if there is no supervisor password present, and the procedure is even detailed in the manual.
Click to expand...
so true lol
dat feeling, when u did that "hack" 11yrs ago

T420
it was a bit tricky to find eeprom chip, find pins, hold laptop parts and short pins in the right time (7th and 8th iirc)
btw small tweezers are much comfortable to use in this situation
 
Last edited:
PlaneInTheSky said:
If you literally have physical access to the device. Why in god's name would you try to bypass the BIOS password instead of just ripping out the storage device.

To reuse and old device makes sense, but then this has nothing to do with "security".
Click to expand...

If the device is using bitlocker or tpm encryption you wouldn't be able to access the 'storage'. (Which is enabled by default on all windows 11 retail installs)

Resetting the cmos clears tpm.
Removing the battery clears tpm.
Removing the storage device invalidates tpm and triggers bitlocker recovery.
 
ringdingdin said:
If the device is using bitlocker or tpm encryption you wouldn't be able to access the 'storage'. (Which is enabled by default on all windows 11 retail installs)

Resetting the cmos clears tpm.
Removing the battery clears tpm.
Removing the storage device invalidates tpm and triggers bitlocker recovery.
Click to expand...
if device is under protection with armed guards and dogs and contained in bunker....yeah, screwdriver hack won't work.

dude, topic is about bypassing and resetting BIOS password...k?
 
edzieba said:
Ah, a 'new' hack that's been known for literally over two decades. Shorting the I2C pins to clear the BIOS (and later UEFI) password is a trick that dates back to before Lenovo acquired the Thinkpad line from IBM.

This is specifically for resetting the Supervisor password. The regular boot BIOS password can be reset trivially if there is no supervisor password present, and the procedure is even detailed in the manual.
Click to expand...
There's no mention of shorting pins in your link though, it's about talking to the eeprom chip over a serial interface.
 
Actually a very old solution. About 7 years ago a friend asked me to destroy her work-Lenovo ThinkPad T431s after she left the bank she worked for. I paid a Lenovo tech a few bucks to show me the "screwdriver trick " because I liked the machine's specs and it worked like a charm.
It only allowed access to the BIOS though: I could not break the Bitlocker encryption so I was forced to format and reinstall Windows. In any case, job done ánd I got a very nice (and expensive) laptop which I still use.

 
  • Like
Reactions: LabRat 891
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom