Hard Drive Password Problems

Hi,

My laptop has died and I have taken out the hard drive and connected
it to a USB connector.

Windows recognised the hard drive and it apears in Device Manager but
does not map a drive or apper in the Disk Management wndow.

I then remembered I had set a password for the drive.

Question 1 - Is there any way to enter a HDD passowrd via a USB/IDE
connection

I then put my Hard Drive into another laptop (a HP Compaq NC4010) and
as good as gold the Bios requested the HDDDrive Bay Password.

I entered the password but no go ?

Question 2 - The computer that the Hard Drive comes from uses a US
layout keyboard and the one i am trying to use it in now is a UK
layout. I use a ~ (tilde) in my password which is in a different spot
on these keyboards (although I have tried the various corresponding
key locations) but it continually rejcts my password.

Could this cause a problem ?

Or is there something else ?

Jason

groupware@rocketmail.com

wrote:
> Hi,
>
> My laptop has died and I have taken out the hard drive and connected
> it to a USB connector.
>
> Windows recognised the hard drive and it apears in Device Manager but
> does not map a drive or apper in the Disk Management wndow.
>
> I then remembered I had set a password for the drive.
>
> Question 1 - Is there any way to enter a HDD passowrd via a USB/IDE
> connection
>
> I then put my Hard Drive into another laptop (a HP Compaq NC4010) and
> as good as gold the Bios requested the HDDDrive Bay Password.
>
> I entered the password but no go ?
>
> Question 2 - The computer that the Hard Drive comes from uses a US
> layout keyboard and the one i am trying to use it in now is a UK
> layout. I use a ~ (tilde) in my password which is in a different spot
> on these keyboards (although I have tried the various corresponding
> key locations) but it continually rejcts my password.
>
> Could this cause a problem ?
>
> Or is there something else ?
>
> Jason
>
Looks like the second question answers the first one. I do not know the
British keyboard, but for some characters, I believe you must press
Alt-Gr (bottom-right of the keyboard). If the tilde is located at the
bottom right of a key, then, this is what you need to do. Try typing
your password in Word or Wordpad to make sure it gets the way you need
and then try for the hard drive.

Regards

--
John Doue

John Doue

<> wrote in message
news: oups.com...
> Hi,
>
> My laptop has died and I have taken out the hard drive and connected
> it to a USB connector.
>
> Windows recognised the hard drive and it apears in Device Manager but
> does not map a drive or apper in the Disk Management wndow.
>
> I then remembered I had set a password for the drive.
>
> Question 1 - Is there any way to enter a HDD passowrd via a USB/IDE
> connection
>
> I then put my Hard Drive into another laptop (a HP Compaq NC4010) and
> as good as gold the Bios requested the HDDDrive Bay Password.
>
> I entered the password but no go ?
>
> Question 2 - The computer that the Hard Drive comes from uses a US
> layout keyboard and the one i am trying to use it in now is a UK
> layout. I use a ~ (tilde) in my password which is in a different spot
> on these keyboards (although I have tried the various corresponding
> key locations) but it continually rejcts my password.


You mention the 2nd but failed laptop where you tried using the password
but never bothered to mention the ORIGINAL laptop that was used to hash
your hard drive's contents. The other half of the hash (to decode) was
back in the original laptop. Preventing someone from getting at it,
especially by stealing the drive, is just what that security is for;
i.e., unless the drive is in the original laptop that hashed up the
drive's contents AND you know the password, you will never get at the
decoded contents of the drive. That's why you need to do backups (which
aren't hashed or you specify the password which is a software-based
password that you can use regardless of to where you restore the
password-protected backup).

I you don't have the original laptop to reinsert the hard drive, you'll
have to call the maker of the original laptop to see if they provide a
backdoor password, but I doubt it (although I have seen some lists
floating around of possible backdoor passwords). If you don't have
possession of the original laptop and it is usable, start looking for a
service bureau to do the recovery. Otherwise, you are stuck with
partitioning and formatting the drive to wipe it out, and use the
password, if wanted, for the new laptop that does whole-disk encryption.
Hardware-based security became available starting back with the ATA-3
specification.

http://www.pwcrack.com/bios.shtml
http://www.rockbox.org/lock.html
http://www.driverforum.com/harddrive3/1642.html (but sounds very
hazardous)
http://www.eevidencelabs.com/article..._Forensics.pdf
http://www.velocityreviews.com/forum...-password.html

Vanguard

I don't think that there is a way to get this to work over a USB connection.

I'm surprised that it didn't work on the Compaq. The keyboard could be
part of the issue, or the Compaq may just handle this "differently" than
your original computer. Or your memory of what the password was might
just be faulty.


wrote:
> Hi,
>
> My laptop has died and I have taken out the hard drive and connected
> it to a USB connector.
>
> Windows recognised the hard drive and it apears in Device Manager but
> does not map a drive or apper in the Disk Management wndow.
>
> I then remembered I had set a password for the drive.
>
> Question 1 - Is there any way to enter a HDD passowrd via a USB/IDE
> connection
>
> I then put my Hard Drive into another laptop (a HP Compaq NC4010) and
> as good as gold the Bios requested the HDDDrive Bay Password.
>
> I entered the password but no go ?
>
> Question 2 - The computer that the Hard Drive comes from uses a US
> layout keyboard and the one i am trying to use it in now is a UK
> layout. I use a ~ (tilde) in my password which is in a different spot
> on these keyboards (although I have tried the various corresponding
> key locations) but it continually rejcts my password.
>
> Could this cause a problem ?
>
> Or is there something else ?
>
> Jason
>

Barry Watzman

Re: "The other half of the hash (to decode) was back in the original
laptop. Preventing someone from getting at it, especially by stealing
the drive, is just what that security is for; i.e., unless the drive is
in the original laptop that hashed up the drive's contents AND you know
the password, you will never get at the decoded contents of the drive."

I don't think that's correct. This isn't windows, this is an IDE
password. The implementation of that is supposed to prevent access, on
ANY computer, without the password. But as far as I know, it is NOT
supposed to tie the drive to the computer ... the correct password
should work on any computer. Otherwise, as has happened here, if the
computer motherboard dies, then the drive is lost, and that is beyond
secure, it is "data endangering". And I don't think that's how it works.


Vanguard wrote:
> <> wrote in message
> news: oups.com...
>> Hi,
>>
>> My laptop has died and I have taken out the hard drive and connected
>> it to a USB connector.
>>
>> Windows recognised the hard drive and it apears in Device Manager but
>> does not map a drive or apper in the Disk Management wndow.
>>
>> I then remembered I had set a password for the drive.
>>
>> Question 1 - Is there any way to enter a HDD passowrd via a USB/IDE
>> connection
>>
>> I then put my Hard Drive into another laptop (a HP Compaq NC4010) and
>> as good as gold the Bios requested the HDDDrive Bay Password.
>>
>> I entered the password but no go ?
>>
>> Question 2 - The computer that the Hard Drive comes from uses a US
>> layout keyboard and the one i am trying to use it in now is a UK
>> layout. I use a ~ (tilde) in my password which is in a different spot
>> on these keyboards (although I have tried the various corresponding
>> key locations) but it continually rejcts my password.
>
>
> You mention the 2nd but failed laptop where you tried using the password
> but never bothered to mention the ORIGINAL laptop that was used to hash
> your hard drive's contents. The other half of the hash (to decode) was
> back in the original laptop. Preventing someone from getting at it,
> especially by stealing the drive, is just what that security is for;
> i.e., unless the drive is in the original laptop that hashed up the
> drive's contents AND you know the password, you will never get at the
> decoded contents of the drive. That's why you need to do backups (which
> aren't hashed or you specify the password which is a software-based
> password that you can use regardless of to where you restore the
> password-protected backup).
>
> I you don't have the original laptop to reinsert the hard drive, you'll
> have to call the maker of the original laptop to see if they provide a
> backdoor password, but I doubt it (although I have seen some lists
> floating around of possible backdoor passwords). If you don't have
> possession of the original laptop and it is usable, start looking for a
> service bureau to do the recovery. Otherwise, you are stuck with
> partitioning and formatting the drive to wipe it out, and use the
> password, if wanted, for the new laptop that does whole-disk encryption.
> Hardware-based security became available starting back with the ATA-3
> specification.
>
> http://www.pwcrack.com/bios.shtml
> http://www.rockbox.org/lock.html
> http://www.driverforum.com/harddrive3/1642.html (but sounds very hazardous)
> http://www.eevidencelabs.com/article..._Forensics.pdf
>
> http://www.velocityreviews.com/forum...-password.html
>
>
>

Barry Watzman

"Barry Watzman" <> wrote in message news:45c4b406$0$9009$
> Re: "The other half of the hash (to decode) was back in the original
> laptop. Preventing someone from getting at it, especially by stealing
> the drive, is just what that security is for; i.e., unless the drive is
> in the original laptop that hashed up the drive's contents AND you know
> the password, you will never get at the decoded contents of the drive."

> I don't think that's correct.

It isn't. He's obviously one of those rocket scientists.

> This isn't windows, this is an IDE password. The implementation of that
> is supposed to prevent access, on ANY computer, without the password.
> But as far as I know, it is NOT supposed to tie the drive to the computer
> ... the correct password should work on any computer.
> Otherwise, as has happened here, if the computer motherboard dies,
> then the drive is lost, and that is beyond secure, it is "data endangering".

> And I don't think that's how it works.

It doesn't.

>
>
> Vanguard wrote:
> > > wrote in message news: oups.com...
> > > Hi,
> > >
> > > My laptop has died and I have taken out the hard drive and connected
> > > it to a USB connector.
> > >

[snip]

Folkert Rienstra

"Barry Watzman" <> wrote in message
news:45c4b406$0$9009$...
> Re: "The other half of the hash (to decode) was back in the original
> laptop. Preventing someone from getting at it, especially by stealing
> the drive, is just what that security is for; i.e., unless the drive
> is in the original laptop that hashed up the drive's contents AND you
> know the password, you will never get at the decoded contents of the
> drive."
>
> I don't think that's correct. This isn't windows,

I don't care what OS is on the drive, encrypted or not. The whole-disk
encryption is performed in hardware. Half of that support is on the
hard drive, the other half is back in the mobo. If the drive wanders
off from the mobo that hashed up the drive, that drive cannot be
decoded. It is very similar to e-mail encryption: the source (owner of
the certificate or the mobo) has the "private" portion and the target
(recipient or hard drive) has the "public" portion. Without both,
there's no decryption, and the source controls that.

> this is an IDE

Yep, as I said, this hardware encryption was first provided in ATA-3
specification. It is NOT solely implemented on the hard drive alone.
Unfortunately it costs to get copies of the ATA specs from
http://www.t13.org/ and I really don't need them.

> Otherwise, as has happened here, if the computer motherboard dies,
> then the drive is lost, and that is beyond secure, it is "data
> endangering".

Yep, that is what happens. And that is why you MUST do data backups
since they won't depend on the private key for the encryption that the
mobo has. The backups can either be open in that anyone could restore
from them or you would password-protect them, but that password
protection is entirely within the backup file so you could use another
computer running the same backup program to restore your data because
the password was only used to encode the file (i.e., there is no
separation of private and public keys, there is just the one key used to
encode the file).

Vanguard

Vanguard wrote:
> "Barry Watzman" <> wrote in message
> news:45c4b406$0$9009$...
>> Re: "The other half of the hash (to decode) was back in the original
>> laptop. Preventing someone from getting at it, especially by stealing
>> the drive, is just what that security is for; i.e., unless the drive
>> is in the original laptop that hashed up the drive's contents AND you
>> know the password, you will never get at the decoded contents of the
>> drive."
>>
>> I don't think that's correct. This isn't windows,
>
> I don't care what OS is on the drive, encrypted or not. The whole-disk
> encryption is performed in hardware. Half of that support is on the
> hard drive, the other half is back in the mobo. If the drive wanders
> off from the mobo that hashed up the drive, that drive cannot be
> decoded. It is very similar to e-mail encryption: the source (owner of
> the certificate or the mobo) has the "private" portion and the target
> (recipient or hard drive) has the "public" portion. Without both,
> there's no decryption, and the source controls that.
>
>> this is an IDE
>
> Yep, as I said, this hardware encryption was first provided in ATA-3
> specification. It is NOT solely implemented on the hard drive alone.
> Unfortunately it costs to get copies of the ATA specs from
> http://www.t13.org/ and I really don't need them.
>
>> Otherwise, as has happened here, if the computer motherboard dies,
>> then the drive is lost, and that is beyond secure, it is "data
>> endangering".
>
> Yep, that is what happens. And that is why you MUST do data backups
> since they won't depend on the private key for the encryption that the
> mobo has. The backups can either be open in that anyone could restore
> from them or you would password-protect them, but that password
> protection is entirely within the backup file so you could use another
> computer running the same backup program to restore your data because
> the password was only used to encode the file (i.e., there is no
> separation of private and public keys, there is just the one key used to
> encode the file).
>
I am curious to know what the final word is on that issue. Until reading
your post, I shared Barry's opinion. If you are correct, and you seem to
know your stuff, then I would look twice before passwording a hard-drive.

Regards

--
John Doue

John Doue

John Doue <> wrote:
> Vanguard wrote:
>> "Barry Watzman" <> wrote in message
>> news:45c4b406$0$9009$...
>>> Re: "The other half of the hash (to decode) was back in the original
>>> laptop. Preventing someone from getting at it, especially by
>>> stealing the drive, is just what that security is for; i.e., unless
>>> the drive is in the original laptop that hashed up the drive's
>>> contents AND you know the password, you will never get at the
>>> decoded contents of the drive."
>>>
>>> I don't think that's correct. This isn't windows,
>>
>> I don't care what OS is on the drive, encrypted or not. The
>> whole-disk encryption is performed in hardware. Half of that
>> support is on the hard drive, the other half is back in the mobo. If the drive wanders off from
>> the mobo that hashed up the drive,
>> that drive cannot be decoded. It is very similar to e-mail
>> encryption: the source (owner of the certificate or the mobo) has
>> the "private" portion and the target (recipient or hard drive) has
>> the "public" portion. Without both, there's no decryption, and the
>> source controls that.
>>> this is an IDE
>>
>> Yep, as I said, this hardware encryption was first provided in ATA-3
>> specification. It is NOT solely implemented on the hard drive alone.
>> Unfortunately it costs to get copies of the ATA specs from
>> http://www.t13.org/ and I really don't need them.
>>
>>> Otherwise, as has happened here, if the computer motherboard dies,
>>> then the drive is lost, and that is beyond secure, it is "data
>>> endangering".
>>
>> Yep, that is what happens. And that is why you MUST do data backups
>> since they won't depend on the private key for the encryption that
>> the mobo has. The backups can either be open in that anyone could
>> restore from them or you would password-protect them, but that
>> password protection is entirely within the backup file so you could
>> use another computer running the same backup program to restore your
>> data because the password was only used to encode the file (i.e.,
>> there is no separation of private and public keys, there is just the
>> one key used to encode the file).

> I am curious to know what the final word is on that issue. Until
> reading your post, I shared Barry's opinion. If you are correct, and
> you seem to know your stuff,

He doesnt, actually. Where the encryption is done is an entirely
separate issue to whether the ATA password can be reentered
for a drive that is moved from one system that supports ATA
passwords to another that also does.

> then I would look twice before passwording a hard-drive.

That should always be done, if only because you
need to be sure that you wont lose the password.

Rod Speed

Vanguard wrote:
>
> "Barry Watzman" <> wrote in message
> news:45c4b406$0$9009$...
> > Re: "The other half of the hash (to decode) was back in the original
> > laptop. Preventing someone from getting at it, especially by stealing
> > the drive, is just what that security is for; i.e., unless the drive
> > is in the original laptop that hashed up the drive's contents AND you
> > know the password, you will never get at the decoded contents of the
> > drive."
> >
> > I don't think that's correct. This isn't windows,
>
> I don't care what OS is on the drive, encrypted or not. The whole-disk
> encryption is performed in hardware. Half of that support is on the
> hard drive, the other half is back in the mobo. If the drive wanders
> off from the mobo that hashed up the drive, that drive cannot be
> decoded. It is very similar to e-mail encryption: the source (owner of
> the certificate or the mobo) has the "private" portion and the target
> (recipient or hard drive) has the "public" portion. Without both,
> there's no decryption, and the source controls that.

Vanguard,


All the drive manufacturers have their own method of enforcing password
protection at this level.

Some of them can be overcome quite easily (for instance, a typical
resurrection for Western Digital drives is to enter, as the password,
WDC repetitively for 32 characters) whereas others (most) require
hardware intervention.

We can recover / obliterate passwords for almost all drives - using
specialist equipment - but for the lucky user of a WD-type drive, it's
fairly straightforward.

The password is rarely stored on multiple media - as far as I can tell
with up-to-date information and experience. (i.e. it's never stored as a
combination of platter-based info (system area) and hardware (BIOS / ROM
/ NVRAM.)



--
Retrodata
www.retrodata.co.uk
Globally Local Data Recovery Experts

Odie Ferrous