Help me break into my own computer's BIOS
July 31, 2008 3:47 AM   Subscribe

How do I reset the BIOS administrator password on an ex-IBM NetVista motherboard?

My toy server, a Linux box whose only bought-new parts are the hard disk drives, died from motherboard capacitor plague. I've been given a used IBM 06p2525 mobo that seems to be in good nick, and I'd like to make it work.

I've found the reference manual and a BIOS update. When I start the Flash/BIOS recovery procedure described on page 50, I'm being blocked by this:
 177 System Security - Asset control has been violated 163 Date and Time IncorrectSystem-security - Administrator password required.Type your password, then press Enter.
Page 47 says that if Enhanced Security is on (which I'm guessing it is, because resetting the BIOS apparently hasn't removed the admin password) and the administrator password is lost, the system board has to be replaced. I obviously don't want to do that.

It's common wisdom that physical access grants full control. I have physical access and soldering-fu but no EPROM burner/reader. Can anybody help me get around this thing? Email is in profile if non-disclosure agreements are involved.
posted by flabdablet to Computers & Internet (6 answers total)
Most motherboards generally have a configurable jumper which when put into the 'alternate' position for a few seconds, resets the full motherboard configuration including passwords. Apologies if your mobo's manual tells you that there isn't one on it.
posted by cyanide at 4:56 AM on July 31, 2008

Yeah, that's the first step in the Flash/BIOS recovery procedure on page 50, and that's what I was naively expecting would Just Work as well. It didn't. I think I need to do violence to the Flash, not just the CMOS RAM. Or maybe there's a dedicated security eeprom lurking about somewhere in the design. I'm hoping to luck onto an ex-IBM mefite with insight.
posted by flabdablet at 5:04 AM on July 31, 2008

That's the recovery procedure, whereas you want to reset the CMOS. Most of the mobos I've worked with have a different procedure to do what you want to do.

Just disconnect the power plug from your server, put the jumper in the alternate position for 30 seconds or so, then move it back to the default position and reconnect the power plug. That should hopefully do it.
posted by cyanide at 5:16 AM on July 31, 2008

Yeah, that's been my experience too. Done that too. Didn't work.

Also tried disconnecting the power, then moving the jumper, then removing the battery, then waiting a minute, then replacing the battery, then reconnecting the power, then booting up, then waiting a minute, then powering down, then restoring the jumper to normal, then powering up again.

This mobo had a busted battery clip and no battery when I first got it, so I'm sure the CMOS contents were complete rubbish when I first powered it up. After various reset attempts, I think CMOS is now officially cleared; the BIOS now no longer mentions that an RFID antenna is missing.

Even so, it ends up wanting an admin password every time it starts. It looks to me like IBM takes mobo security/anti-theft measures a little more seriously than most.

On terminology: given that the "recovery" procedure winds up re-flashing the BIOS, it also looks to me like IBM is using the word "recovery" in the typical OEM jargon sense of "scorched earth policy", which I think is what I want to do.
posted by flabdablet at 7:08 AM on July 31, 2008

can you pull the eeprom and short out a few pins? I'm not sure of the details, but I've read about this being done to wipe a bios password.
posted by jrishel at 11:16 AM on July 31, 2008

Having unsuccessfully searched the IBM mobo for anything that looks like an eeprom, I've come to the conclusion that these bastards are actually burning the admin password into the BIOS Flash EPROM chip, and that I would indeed need to desolder that and get access to an EPROM programmer to make any progress with it. Which I'm not actually willing to do, considering I've also been given an old DFI mobo that also appears to be in quite good nick and doesn't have all the corporate crap on it.

Nice going, IBM. I wonder how many other potentially re-usable boards this decision has sent to landfill.
posted by flabdablet at 2:27 AM on August 3, 2008

« Older How do national grid forecast demand acturately   |   Can I live in Australia? Newer »
This thread is closed to new comments.