View Full Version : strange trick (why does it work?)

22-09-2003, 07:08 PM
A frind has a older pIII 600eb on a ATREND motherboard (award bios)

he has set a bios passowrd on boot so as to stop the flatmate using the computer.....

the password he set is 50265 which he enters on the number pad.

the odd thing is that the number 50256 will also let you in to the system.

this is not a problem for him I just wondered if anyone might know why it happens....

22-09-2003, 07:39 PM
If I remember rightly, there is 2 in the BIOS. One is supervisor and one is system password. One relates to getting into BIOS, the other to progress past memory test.

22-09-2003, 07:44 PM
Yeah, a supervisor password and a user password. If you enter either one you can boot up the computer. But on the Supervisor password will let you change stuff in the BIOS. So maybe your friend has got 2 separate passwords?

22-09-2003, 08:20 PM
both passwords are set to the same number and bothe numbers will let the system boot so thats not the answer.

22-09-2003, 10:56 PM
Its probably because of weak password checking.

I'm just speculating, but if it used a weak hashing function to store the passwords it would be possible for multiple passwords to map to the same hash.

Google should explain hashing if you aren't familiar with it.

22-09-2003, 11:07 PM
supervisor password to the bois= stops unathorised changes to Bios setup
user password = sets level of access a normal user has to the bios ie veiw only, change or no access.
boot password = requiried before boot can start.

at least that the way the bios 's are set up with the pc's I deal with

22-09-2003, 11:09 PM
With my MB Bios I can have no password, just the Bios setup or the whole system and I have mine set to the whole system and it uses just the one password for both.

Graham L
23-09-2003, 04:00 PM
Maybe they just use the first 3 digits (or 2, or 1 ... :D) to make the programming simple. The protection these passwords give is illusory, anyway. Most BIOSs have a default one, and the password can be cleared by anyone who is capable of opening the box, (except on some laptops ... where it's meant as an anti-theft thing). The only secure computer is one that's behind a a srong locked door. (and most doors ( or walls or roofs) can be broken through.