Manualshelf

HP PC Commercial BIOS (UEFI) Setup Administration Guide For Business Notebook and Desktop 2015 Models - Technical whitepaper

ManualsBrandsHP ManualsDesktopsHP EliteBook 840 G3 Notebook PC
11121314151617181920
May 2016
857394-002
HP PC Commercial BIOS (UEFI) Setup
© Copyright 2016 HP Development Company, L.P.
4 Security Menu 18
Table 9 Security Menu features
Feature
Type
Description
Default
Notes
Create BIOS Administrator
Password
Or Change BIOS
Administrator Password
Setting
The Administrator password controls access to the setup
menu (F10), 3
rd
Party Option ROM Management (F3),
Update System ROM, WMI commands that change
system settings and the BIOS Configuration Utility (BCU).
When no Administrator password is set, anyone can
change the system settings, add 3
rd
Party Option ROM or
update the system ROM. When the power-on password is
set, use the administrator password as an alternative to
power-on the system.
Recommendation: Set an administrator password when a
power-on password is set. When a power-on password is
forgotten, an administrator can reset the power-on
password by using “Restore Security Settings to Factory
Defaults”
2014 Notebook: Security -> Setup BIOS Administrator
Password
2014 Desktop: Security -> Setup Password
Create POST Power-On
Password
Or Change POST Power-On
Password
Setting
Password required to power on the PC, independent of
the OS password. When no password is set, anyone can
power-on the PC. In addition to the administrator
password, there is only one power-on password.
Recommendation: Set an administrator password when a
power-on password is set. When a power-on password is
forgotten, an administrator can reset the power-on
password by using “Restore Security Settings to Factory
Defaults”
2014 Notebook: Security -> User Management -> Create
New BIOS User Account (multiple power-on passwords,
including HP Client Security Users were possible.)
2014 Desktop: Security -> Power-On Password
Fingerprint Reset on
Reboot
Action
When checked, resets the fingerprint on the next reboot.
After reboot, this will be unchecked again.
2014 Notebook: Security -> Fingerprint Reset on Reboot
(If Present)
Unchecked
Notebook
Only
Password Policies
Menu
Allows the administrator to set password requirements
for BIOS administration and power-on regarding the use
of symbols, numbers, case and spaces
2014 Desktop: New
TPM Embedded Security
Menu
The Trusted Platform Module (TPM) is a dedicated
microprocessor that provides security functions for
secure communication and software and hardware
integrity. The TPM hardware solution is more secure than
a software only solution.
2014 Desktop: New menu. TPM features referenced the
Embedded Security Device, instead of TPM. See the TPM
Embedded Security menu section of this document for
details on individual TPM features.