4

There should exist mainboards that support Self Encrypting Device (SED) in BIOS, so when connecting a SSD which have SED support, and SED have been enabled in the BIOS, it prompts on bootup for password.

Searching for "mainboard sed support ssd bios" doesn't give me anything, so I suspect it is called something else.

Question

Does anyone know how to find mainboards that support SED, so the BIOS asks for password for the SSD's SED?

Jasmine Lognnes
  • 2,520
  • 8
  • 33
  • 51

1 Answers1

3

SED means self encryption disk, where the "self" part means that the encryption mechanism is entirely embedded in the disk's controller/firmware.

The motherboard can supply an ATA PASSWORD to seed the encryption engine, and basically ALL motherboards support this. When they don't support ATA PASSWORD, they generally support some newer standards for encryption (see below).

However, this is not even a requirement: newer standards as TCG/Opal enables OS to directly manage the encryption key, bypassing any BIOS requirement regarding the ATA PASSWORD mechanism. What is required, however, is a recent BIOS that correctly enables that TCG mechanism. This is quite common in the mobile/laptop world, much less in the desktops one.

shodanshok
  • 47,711
  • 7
  • 111
  • 180
  • I were under the impression that ATA password were a flag that was written to firmware with "please don't give access to the data" without entering the correct password. Here I am thinking about 10yo IBM ThinkPad's. Does using TCG/Opal mean that if the mainboard dies, then I won't be able to access the data on another mainboard? – Jasmine Lognnes Jun 01 '15 at 11:50
  • No. Both ATA PASSWORD and TCG/OPAL store the crypto key inside the **disk**, not on the motherboard. – shodanshok Jun 02 '15 at 15:36
  • I can't help by wonder what is exactly meant by "recent BIOS that correctly enables that TCG mechanism". – ᄂ ᄀ Sep 05 '18 at 20:01