HDD passwords and security

The disk lock is a built-in security feature in the disk. It is part of the ATA specification, and thus not specific to any brand or device. The disk lock can be enabled and disabled by sending special ATA commands to the drive. If a disk is locked, it will refuse all access until it is unlocked.

A disk always has two passwords: a User password and a Master password. Most disks support a Master Password Revision Code. Reportedly some disks can report whether the Master password has been changed or is still the factory default. The revision code is word 92 in the IDENTIFY response. Reportedly on some disks a value of 0xFFFE means the Master password is unchanged. The standard does not distinguish this value.

A disk can be locked in two modes: High security mode or Maximum security mode. Bit 8 in word 128 of the IDENTIFY response shows which mode the disk is in: 0 = High, 1 = Maximum.

In High security mode, the disk can be unlocked with either the User or Master password, using the "SECURITY UNLOCK DEVICE" ATA command. There is an attempt limit, normally set to 5, after which the disk must be power cycled or hard-reset before unlocking can be attempted again. Also in High security mode the SECURITY ERASE UNIT command can be used with either the User or Master password.

In Maximum security mode, the disk cannot be unlocked without the User password. The only way to get the disk back to a usable state is to issue the SECURITY ERASE PREPARE command, immediately followed by SECURITY ERASE UNIT. In Maximum security mode the SECURITY ERASE UNIT command requires the Master password and will completely erase all data on the disk. The operation is slow: it may take half an hour or more, depending on the size of the disk. (Word 89 in the IDENTIFY response indicates how long the operation will take.)
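The IDENTIFY words mentioned above (89, 92 and 128) can be decoded as in the following added example, which is not part of the original article. It assumes the 512-byte IDENTIFY DEVICE response has already been read from the drive; the function names and the sample buffer are constructed for illustration, and the lower bits of word 128 and the word 89 encodings come from the ATA specification rather than from this page.

```python
import struct

# Word 128 (security status) bit positions, per the ATA specification.
STATUS_BITS = {
    0: "supported",
    1: "enabled",
    2: "locked",
    3: "frozen",
    4: "count_expired",  # unlock attempt limit reached; power cycle required
    5: "enhanced_erase_supported",
}

def erase_minutes(word89):
    """Decode word 89 into estimated erase minutes (None = not reported)."""
    if word89 & 0x8000:                # extended format: 15-bit count
        count, top = word89 & 0x7FFF, 0x7FFF
    else:                              # classic format: 8-bit count
        count, top = word89 & 0xFF, 0xFF
    if count == 0:
        return None
    # The top value means "longer than this"; report it as a lower bound.
    return (count - 1 if count == top else count) * 2

def parse_security(identify):
    """Return the security fields of a 512-byte IDENTIFY DEVICE response."""
    if len(identify) != 512:
        raise ValueError("IDENTIFY DEVICE data must be exactly 512 bytes")
    words = struct.unpack("<256H", identify)  # 256 little-endian 16-bit words
    status = words[128]
    info = {name: bool((status >> bit) & 1) for bit, name in STATUS_BITS.items()}
    # Bit 8 is only meaningful while security is enabled.
    info["level"] = "maximum" if (status >> 8) & 1 else "high"
    info["master_revision"] = words[92]
    # Reported behaviour of some disks only; the standard does not define it.
    info["master_maybe_factory_default"] = words[92] == 0xFFFE
    info["erase_minutes"] = erase_minutes(words[89])
    return info

def sample_identify():
    """Constructed sample: locked drive, Maximum security, 30 x 2 min erase."""
    words = [0] * 256
    words[89] = 30
    words[92] = 0xFFFE
    words[128] = 0b1_0000_0111  # bit 8 level; bits 2..0 locked/enabled/supported
    return struct.pack("<256H", *words)

if __name__ == "__main__":
    for key, value in parse_security(sample_identify()).items():
        print(f"{key}: {value}")
```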

While the ATA disk lock is intended to be impossible to defeat without a valid password, there are workarounds to unlock a drive. Many data recovery companies offer unlocking services, so while the disk lock will deter a casual attacker, it is not secure against a qualified adversary.

July 11, 2011