HP Business Notebook and Desktop PC F10 setup overview Technical White Paper Technical white paper

ManualsBrandsHP ManualsDesktopsHP ZBook 15 G3 Mobile Workstation

Feature Function Default setting,

if applicable

Reboot

required

o Reset to Factory

Settings

Disables TPM and resets credentials Do not reset

Yes

• Measure boot

variables/devices to PCR1

Prevents changes in boot device configuration (e.g. adding to or

changing boot order) from causing Bitlocker recovery mode

Disabled Yes

• OS Management of

Embedded Security Device

Allows OS to manage TPM Enabled Yes

o Reset of Embedded

Security Device through

Allows reset of TPM to be initiated from the OS Disabled Yes

o No PPI Provisioning Allows the OS to take immediate control of the Embedded

Security Device without requiring user interaction.

Disabled Yes

o Allow PPI policy to be

changed by OS

Allows the OS to change how the user is prompted for changes to

the Embedded Security Device

Disabled

Yes

• Button Retask Password

Protection

Prevents All-in-One bezel buttons from being retasked without

administrator privileges

Disabled Yes

• DriveLock Security Allows configuration of master and user DriveLock passwords

Note: Hard drive security states cannot be changed after a warm

reboot. Power off the system then boot directly to F10 Setup.

Yes

o Enable/Disable

DriveLock

Enables DriveLock feature. Prompts for setting a user password

when set to Enable.

Yes

o Configure Master

Password

Allows Master DriveLock password to be set

Yes

Secure Boot Configuration Yes

• Legacy Support Provides support for older (non-EFI) operating systems Disabled for

Windows 8

Enabled for others

Yes

• Secure Boot BIOS will verify that the software image it boots to is properly

authenticated

Note: Enabling Secure Boot impacts Legacy Support, Legacy Boot

Sources, and Option ROM Launch Policies.

Note: “Secure Boot Policy” warning appears if user tries to

enable Legacy Support with Secure Boot on.

Enabled for

Windows 8

Disabled for others

Yes

Key Management Yes

• Clear Secure Boot Keys By default HP keys are installed. They can be extended by valid

updates from HP. Clearing the keys resets the keys to the initial

BIOS defaults. If Custom keys have been selected, clearing the

keys removes all the keys.

Don’t Clear No

• Key Ownership If Secure Boot is enabled, keys are used to ensure that only

properly signed software can boot. The Key Ownership option

allows you to specify HP or custom keys.

HP Keys Yes

Fast Boot Enables the Fast Boot option (with support for Fast Boot and

Seamless Boot) for Windows 8 users

Enabled for

Windows 8

Disabled for others

Yes