Key Takeaways
- Set a BIOS password for an extra security layer against unauthorized physical access.
- Keep your laptop close and be aware of your surroundings to prevent physical theft.
- Use a VPN on public Wi-Fi to protect against cyber threats like man-in-the-middle attacks.
Traveling with your laptop can be a security risk. It can increase the chance of your device being lost or stolen, and there are security issues associated with Wi-Fi, especially when connecting to public networks. Having a password on your BIOS can give you an extra layer of security, but it’s not the be-all and end-all.
What Is a BIOS?
The Basic Input/Output System (BIOS) is your PC’s most important startup firmware, along with its modern successor, the Unified Extensible Firmware Interface (UEFI). It’s a built-in core software that is required to boot up your system and is also responsible for managing data between your computer’s operating system and any other hardware connected.
In other words, if your computer doesn’t have this firmware (either BIOS or UEFI), it will not start. Adding a password to your BIOS will provide you with another layer of security and prevent unauthorized changes to BIOS settings. If you’re working in a public setting such as a coworking space, library, or coffee shop, having a BIOS password set can prevent unauthorized physical access, including someone unlocking your device and getting access to all your personal and confidential data. It can also prevent someone booting from a malicious USB to infect your system or reinstalling an operating system to take over your device.
Sure, a thief could bypass the protection by tampering with the computer’s motherboard, but it’s a lot harder than just trying to guess your regular Windows password.
What Does This Look Like to the User?
Once your BIOS password is set, it essentially works like another password at the BIOS level, so when your computer boots up, you’ll have to type your password in before the operating system starts to boot. Once your operating system is on, you’ll be prompted to enter your regular password to log in to your computer as usual.
A BIOS password is not foolproof, but no security method is. The more security layers we have in place, the more secure we are.
How to Set BIOS Password on Windows
To set your BIOS password on Windows, you’ll need to access the BIOS startup. First, shut down the computer and turn it back on. When it starts booting, repeatedly press a specific key to enter the BIOS setup. This specific key can vary by manufacturer. Some common keys include F1, F2, Del, F10, or the Escape key.
Once you are in the BIOS setup, you can use the arrow keys to navigate to “Security” and then “Password.” Press Enter once you’ve made your selection:
You’ll be presented with several options:
The difference between Supervisor and regular passwords in the BIOS settings is that if you set the Supervisor Password, it can prevent unauthorized changes to system configurations, making it a more secure method. Make sure that you pick a strong, unique password that is not the same as your computer password. Use longer passwords, as it’s more secure, and try to use a combination of numbers, special characters, and letters.
To set the Supervisor Password, use the arrow keys to hit Enter on “Disabled” to “Enable” it. You’ll be prompted to set a password:
Hit Enter to confirm, and Enter again to save. You can do the same for the “Power-on Password” option:
The Power-On Password will be required every time you turn on the computer. Again, do the same for the “Password at Restart” option. This option prompts the user to enter a password not only when powering on the system but also each time the system is restarted.
When you’re done, press F10 to save and exit. Your computer will start up, requiring you to enter your BIOS password. If you ever need to remove the BIOS password, you can access your BIOS settings again and disable it instead.
Be Wary of Public Wi-Fi
As mentioned above, having a BIOS password is not foolproof, it’s just another layer of security. You can always take the computer apart or take the hard drive out and access all its data (unless the hard drive is encrypted). There are other ways your data and computer can get compromised when traveling. One common avenue is via public Wi-Fi.
Man-in-the-middle (MITM) is a cyberattack where an attacker intercepts communications between a user’s device and the network they’re connected to. This typically occurs when a hacker creates a malicious Wi-Fi hotspot that looks legitimate or compromises an existing public network, allowing them to eavesdrop on users’ internet traffic and potentially steal sensitive information like login credentials or financial data.
When using public Wi-Fi, I recommend using a VPN. A VPN can encrypt the traffic between your computer and the Wi-Fi network and can prevent you from cyberattacks such as man-in-the-middle attacks (MITM) and Distributed Denial of Service (DDoS) attacks.
Additional Tips to Avoid Physical Theft
I try not to leave my laptop unattended when traveling, even for a brief moment. However, where you store it is equally important. Most hotels have safes where you can securely store your device. If your accommodation doesn’t have a safe, consider investing in a portable laptop safe or secure bag with a combination lock.
You can also consider using unconventional covers or stickers to make your laptop less appealing to thieves. Making it look less like a high-value item can deter theft.
Always be cautious of your surroundings when traveling. While BIOS passwords add a layer of security, remember that your best defense is using a combination of security practices and staying vigilant when you’re out and about. Always be wary of common online scams.
