I work for IBM Global Technology Services. They provide us with IBM/Lenovo laptops. Our security policy states we must have a power on password set in our bios. You can't get to the bios to change to boot to another device (USB) without first knowing the power on password. If you could get to the bios to change the boot order, you couldn't boot to any device without knowing the power on password. Our security policy also requires we have a hard drive password. This password is asked for at power up. If you don't know it, you can't get to the hard drive. That means that even if you could power it up, and boot it from USB, you couldn't mount the drive if you don't know the hard drive password. There is no way around this. I know this because when we return our old computers, and we forget to remove these hard drives, they call us to get them. If we don't remember them, the laptop and the hard drive are toast. Even as the company that manufactures the machine (back when IBM did that), we couldn't remove the power on or hard drive passwords. So, while your method will work on a machine not protected with a power on password or a hard drive password, it will NOT work on every machine.

you can short out c-mos on dallas chip you have to chunk into epoxy blob and remove lion battery then sandpaper connections left to battrey and then solder new battery to chip I have done this before also look here
http://www.mcamafia.de/mcapage0/dsrework.htm
he did it the hard way all you have to do is find the battery then hack it out using a small blue type snippers works best obvibously the color of snipers wont matter anwyay just get to battery then using snippers unpeal like sardine can the bigger solder tab unwrap it till it comes off fully keeping as long as peice as you can but since there is picture of chip on the mcamafia site you should beable to get to pin needed for battery anyway! then get other side off the same way keeping as mutch connection space as needed. then sicne pins went up thats why shorting them wont work i think they thought keeping people away from c-mos chip they could keep them away but when battery dies computer wont boot and locks up I learned this from a gateway ride ready c-mos hi and low chip old 486 board all were bad rev #1 fun 1 no video this means the nickel cad batterys were shorted then i snipped battery off and it continued booting! to solder to pins just get some new 3m sponge scrubbie brand scratch pad then use small sandpaper file to sandpaper the pins or the connections left from battery it actually will for shure solder then after you scratch down to brass it will take solder most battery terminal solder tabs wont solder to the coating . i did that and computer works great . I also know if you have a compaq protable II suitcase computer take a nokia 3589i
Nokia BLC-2 battery and use phone to charge to charge complete then add solder blobs to battery + - terminals leave other terminals alone so you can recharge it in phone you must unsolder from computer to recharge in phone
then use a kid toy battery compartment wire for wire or comprable wire to solder and replace battery in compaq portable II suit case comuter then download c-mos utility called setup this file is for a floppy so you may have to use dos 0.72 to load up dos and make floppy then remove compaq II whole drive caddy with old 5¼ and replace miniscribe IDE drive w cavair 2g or 1g or 500Mb cause you only get 259Mb anyway I forget witch drive it is but it looks like 1024 16 63 and it works with 259Mb sicne all my 850Mb caviar wd hd's are bad i just used a 2g anwyay then load up new computer w usb stick w setup on it boot to usb device or memmory stick device and then format b:/s
then copy dos to floppy then steal compaq setup.exe file then take format.com
sys.com
edit.com
attrib.exe
edit.hlp
fdisk.exe
format.com
cdtech.sys
mscdex.exe
I havent tried cdrom cause c-mos not comatible w more than 1 drive.
then hook b: to big computer remove usb stick and boot from 3¼ floppy you just made w compaq setup on it then format b: /f:360 /s
then it formats crappy compaq c-mos type floppy bootable it can be win98 but since computer has crappy memory just use win95 actaully dos version does not matter qwbasic still runs then after you make a boot fisk for it using its own floppy drive or a nother /f:360 floppy witch its c-mos is looking for then you can put back into compaq portable w nokia battery as c-mos not hooked to phone remember charging is in phone as normal then solder blobs should beable to connect good when charging.
then put caviar wd 2g drive into big machne boot from 3¼ floppy put sys on it
then put into compaq II and boot from 360 floppy run setup detect 259M drive
then reboot then format c:/q/s
you might need more floppys from usb or big machine to fit all dos format utiltys on then once you format c:/q/s s being system and q being fast
I use win98 cause its faster and lets you use large.
then once you get it to boot to win98 dos you will see the win98 thing in GREEN its so cool you can remove ide drive and put basica qwbasic and other stuff on it in xp using usb to ide stick or just put as d drive then since miniscribe is usb you should beable to do the same on xp.
on n610 or most square dram chips the side opposite pin one can be shorted no batteries must be hooked c-mos or big battery then only hook up power pack to laptop then short c-mos chip then unplug power pack super fast then wait 5 minnutes then replace all batteries and c-mos will clear.
now I had a keyboard w ide video and floppy it was called a hide ccomputer it was a vga card w ide on it and a small form factor 486 texas instruments 386 chip but it was a 486 on a 386 motherboard so it was a 486 but was a square 486 chip and over heated easyly cause no heat sink lame anyway its c-mos chip was a normal 28 pin chip and if you set password even if you cleared password when it didnt have one it would just screw FUC_ it up it would just show : for 1st try and then : so you would get
::: and it would lock up after 3rd password try my dad said when he gave it to me he said DONT put password into it I said ok cool free computer.
I turned it on then removed a smaller chip next to the c-mos chip then replaced it and for some reason when it was on if i turned it back off and on again this procedure would clear c-mos password witch you still needed to stay out of password menu in c-mos and it would work great untill you tried to add password.
thats when i learned about shorting batterys and clearing c-mos .
on most chips the 2nd to last and the 3rd to last pins usually clears every thing DONOT DO THIS ON A arcade space invaders motherboard cause you will lose eeprom info remember c-mos for comuters is 2 fold 1st the program is loaded then the .bin file is loaded into the chip but the chip is formated a certian way so you can copy one in burner but not just send it a file
you need to run awdflash.exe and use the /d the /d option saves original info and only writes new info updating file i have more success this way also the new one always back up c-mos on nother floppy and always choose update instead of replace.
and always good luck.
if you have ontracks/krolls seagates dm disk manager just load to f8
then type in a:/command.com
you cant just type command.com on dr dos you have to do the a:\command.com
then steal dm.exe and all needed files for this file to run
then load to dos w autoexec.bat having dm.exe /x/m
then /x does not load the xbios.ovl file witch tells diskmanager to do ceritan drive once you do the /x it works and disables looking for drive type it came w drive so you can use with any type drive not just seagate drive i got utility from
ontrack dont like this but I dont care i use utilty all the time to reformat drives
1st once it sees drive check dos to see what win98 dos sees as fdisk
then choose autodetect in c-mos on new computer then run dm /x /m
then if it dont see drive as whole amount of mb then goto c-mos in computer choose chs and manual and choose 1024 16 63 then
goto dos format as what ever you can get in dos reboot then format /q/s then reboot soo it boot to dos w system on it
then reboot change c-mos to autodetect check dm to see if it sees whole thing if it chooses to format more than 27 volumes let it then reboot use dos what ever it sees choose no to big w fdisk then delete all partitions then reboot then fdisk again /mbr reboot then choose no to large on fdisk then add partition donot add logical partitions just choose 500mb then push 2 to activate then reboot leave autodetect on auto then dos format c:/q/s
/q quick and /s system remember to have sys.com format.com edit.exe edit.hlp
and attrib.exe and all dos files to make c drive boot also cdtech.sys or a cdrom driver and mscdex.exe
also you need
config.sys
device=himem.sys
device-cdtech.sys /d:cd
autoexec.bat
mscdex.exe /d:cd
set blaster=a220 i5 d1 t330 t being midi port
then format c:/q/s
then reboot then check dm.exe /m/x
then delete all partitions leave win98 w dm.exe that you booted in for sys
then choose check partitions delete all partitions using alt c then add new push b for bootble then leave 1 meg free i usually leave some more than that then format partition let it do then reboot then dos format /q/s this way it marks bad file alloction tables and quick formats the 1st time you quick format it will fail and just say yes to unconditional format /u
then reboot and run dm.exe /x dont put the /m just automaticly fat32 win98
format it quick then reboot and format /q/s then you can boot from xp disk and it will see it as new delete win98 then you have new ntfs you can make
i always chose fast and leave my self a d drive as a fat32 partition then reboot not using it and put winxp on the ntfs partition 60% 40% d is always 40 % and usually fat32 and c is ntfs now i just use ntfs cause i have usb to ide now.
if you have the msdn version of xp media center you need to use difernt verison of xp to detect more than 300G .

Dude, just no... if I may, I'm gonna start pointing out issues with your info. "I have internet access from your PC's, yes? Then I can download what I need, regedit the Windows Registry and enable any features or leave behind trojans, keyloggers and backdoors for use later or via 'net." First off, even if you have internet access, any smart admin will not allow you to access regedit (very simple to disable in XP). Disable the loading of ANY programs except the ones specified. BIOS passwords help, but are not as secure. Regarding accessing files on a disk, full disk encryption with AES-128 will easily keep an average user or hacker out. Yes, there is a method of dumping the key from RAM, but if you disable booting from USB and/or CD (not including floppy drives as they are becoming irrelevant), then you won't have an issue even if someone steals it. Can't forget basic antivirus, good luck loading your malicious code... all of what I said applies strictly to the PC world (Windows/Linux/BSD/generic x86), however, Mac OS X (10.3-10.4 tested) and Linux have a couple minor exploits (single user, .AppleSetupDone) that are simple in nature that can be used to gain admin (or in some cases root user).

OMG. If only I understood this. I bought a Gateway 2000 laptop with Phoenix BIOS, and the danged thing has a BIOS password I cannot for the life of me get past. No way to get into setup. I even bought a floppy drive for it and tried a couple of "swear to god" password cracking software things. It will not boot from CD or floppy. None of the backdoor passwords work. First question - if you blow your first three tries and get locked out, does that mean "forever, or just until you power down and wait for awhile? Since it's a laptop, I've been told that the password is stored in EEPROM, and there's no way around that without expenses I can't afford. I mean the dang thing isn't even worth it in the long run, but it's one of those challenges that is just driving me absolutely nuts. Plus, I'm a 50-year-old noob, so I'm a little left in the dark. Gateway and Phoenix appear to be especially protective of their secrets. Should I just give up on the thing, or is anyone out there smart and kind enough to help me through this and be able to cry "victory"?