0

Apparently someone found it funny to password protect the SSD harddisk of one of our HP ProBook laptops, and now the laptop is unable to boot. Of course the password is unknown to us, but I'd like to reformat the disk so we can reinstall the laptop.

When I boot the laptop, I get the message "3F0 error - Device not found". I took out the harddisk and placed it in a Dell Optiplex 7010, which upon boot asks for the password as well.

If I connect the SSD via a USB adapter, I can see the partitions and format them, but afterwards the drive is still not accessible.

Booting the laptop with a linux live distribution gives me the same result - I can see the partitions just fine, so the drive seems to work.

How do I either remove the password, or more likely, reformat the SSD so I can reinstall the laptop?

Thanks!

Joe
  • 163
  • 1
  • 5
  • 21
  • 2
    The password has been set on the SSD itself. On a built-in chip/part of the firmware. The short answer for you: With great difficulty/almost impossible. It'll be far easier for you to replace the disk and re-install, but you'll have almost zero chance of getting the data back from the locked disk. – Kinnectus Feb 05 '19 at 10:27
  • @Kinnectus: I have no need for the data on the locked disk, I just want to use the disk again. Is it possible to reset the SSD to a clean state? Replacing the disk is not possible, as there is no budget for new drives. If I can't reset the SSD, then the laptop will be tossed out, so it would be really nice if I can reuse the SSD! – Joe Feb 05 '19 at 10:34
  • 2
    No budget for new drives so throw the entire, more expensive laptop away and, what, replace that? Logical. each to their own. Honestly, you'll waste so much time trying to reset the password than will be worth your time simply replacing it. a laptop SSD is less than £100. – Kinnectus Feb 05 '19 at 10:43
  • @Kinnectus: unfortunately that is indeed the situation. There is no budget to replace the SSD, and yes, if the laptop cannot be repaired, it will be tossed (and simply not replaced). Time isn't an issue, so if there is an option to reformat the SSD I'd like to hear it. – Joe Feb 05 '19 at 10:46
  • You're going to trial and error such tools as Hiren's Ultimate Boot CD, the hard disk manufacturer may have tools (but, due to what you're trying to do, may not ever release them without additional cost, or you may be needed to send the disk, with proof or purchase etc.).... Do an online search for "forgotten HDD password".... honestly, there's so very little success because the whole point of the HDD password is to ensure the data remains secure. – Kinnectus Feb 05 '19 at 10:49
  • @Kinnectus: thanks for the info, and I understand that the whole point of a password is to secure the data. But since I don't need the data, I thought there would be an easy way to wipe the entire disk clean and start again. We also have drives encrypted with BitLocker for example, if we format those then the data is gone but the drive can be reused without a problem. – Joe Feb 05 '19 at 10:52
  • Does the SSD have a 'PSID' code written on it? – u1686_grawity Feb 05 '19 at 10:56
  • BitLocker is software encryption and doesn't rely on the hardware apart from anything containing the keys - hence why the disk can be formatted easily. They're unrelated. An SSD/HDD password is comparable to a BIOS password. Either one, when set, is specific to the motherboard/hard disk board and "follows" the device as it is built-in to the hardware - hence why it's so difficult (if not impossible) to recover/remove without the manufacturer intervention, but will require such proof of purchase and any costs. Good luck. – Kinnectus Feb 05 '19 at 10:58
  • 1
    @Kinnectus - "BitLocker is software encryption" - This isn't true. BitLocker will use the broken implementation of a device that supports self-encryption when possible. [This is one of those discoveries that happened in 2018](https://borncity.com/win/2018/11/06/ssd-vulnerability-breaks-bitlocker-encryption/). It isn't to say this is a weakness of BitLocker itself, just that, BitLocker doesn't always use software to perform the encryption. To make it clear, BitLocker can use a hardware or software encryption, entirely depends on the configuration. – Ramhound Feb 05 '19 at 11:41
  • @grawity: no, there is no PSID code nor a 2D barcode on the SSD. – Joe Feb 05 '19 at 12:02
  • 1
    @Ramhound, good call. Didn't Microsoft, recently, U-turn that Group Policy setting *because* of the vulnerability...? I.e. The new default setting is to enforce software encryption... – Kinnectus Feb 05 '19 at 13:14
  • @Kinnectus it was an advisory only, so the admin would have to change it....https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180028 – Moab Feb 05 '19 at 14:48
  • @Kinnectus - Don't know I just recall it happened. – Ramhound Feb 05 '19 at 16:47
  • Joe, as I said before we are always glad to help. However, it really is a minimal effort "professional courtesy" to provide us with appropriate feedback regarding answers or comments, rather than deleting [the question](https://superuser.com/questions/1403524/adobe-reader-dc-convert-to-pdf-missing-from-context-menu-in-explorer) without saying a word. – Run5k Feb 09 '19 at 19:11
  • @Run5k - is it "professional courtesy" to spam another question for your comment? Anyway, I deleted the question because the issue has resolved itself without a trace of a solution. I thought it would be better to delete the question itself, than to leave a question without an answer roaming around on SU. I'll reinstate the question since you've asked. – Joe Feb 11 '19 at 06:56
  • Just a suggestion: don't toss the computer. Toss the drive, yes, but if other computers come back physically damaged in the future, you can pull the drive from one of these and voila, you'll have a working system again. We don't usually buy the special warranty covering physical damage, but we keep these computers as scavenger spares so that good parts from them can help other systems back to life. – music2myear Apr 16 '22 at 16:21

2 Answers2

0

The purpose of an on-disk password is to prevent access to the data, not to render the drive inoperable.

This means that the only way that you can return the hardware to service is by erasing the drive from scratch, using the on-controller ATA Secure Erase command.

You can boot a Linux live CD and then use the hdparm command to do this.

https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

If a password is already set, you simply proceed with initiating the erasure with a new password that you select. Using your own arbitrary password will only work for the purpose of initiating a new erasure, not for any other commands that require a password.

# hdparm --user-master u --security-set-pass [password] /dev/sdX 
# hdparm --user-master u --security-erase [password] /dev/sdX

(where the 'X' in 'sdX' will vary depending on your hardware).

Royce Williams
  • 1,138
  • 7
  • 14
  • those were my thoughts as well. It's OK to loose the data, but one should be able to reformat the drive and start again, so to speak. Anyway, thanks for the commands, I tried them with linux live CD but no luck I fear. Both commands give me a similar error message, which is `Issuing SECURITY_SET_PASS command, password="1234", user=user, mode=high SG_IO: bad/missing sense data, sb[]` If I run hdparm -I /dev/sda, there is no security section in the output, which strikes me as odd... – Joe Feb 06 '19 at 10:29
  • See https://superuser.com/questions/1213715/hdparm-error-sg-io-bad-missing-sense-data. The drive may actually be frozen. Sleep the machine (without rebooting), wake it back up, and try again. – Royce Williams Feb 06 '19 at 15:33
  • Thanks! After booting in Kali, I tried to sleep the machine and wake it again. Nothing changed in the hdparam -I output. I also tried to disconnect the SSD while running and reconnect it again, but with the same result. Still no security section in the output of hdparm -I. It's really frustrating since I can see the drive just fine in linux, and attached via a USB adapter in Windows, I can create & delete partitions, read, write, delete data, but as soon as I try to install Windows on it, the install process fails to find the drive. On boot, the 3F0 error - Device not found still occurs. – Joe Feb 07 '19 at 11:39
  • That sounds like there may be an actual hardware problem with the drive, then. – Royce Williams Feb 08 '19 at 16:22
  • I fear the drive is lost indeed. Since I can't keep spending time on fixing it, both laptop and drive will be scrapped. Thanks for the help anyway! – Joe Feb 11 '19 at 06:57
0

I suggest you try a Windows system tool called diskpart.

Press "Win+R" to open the run dialog box and input "diskpart" then you can press Enter to open that. You should note that diskpart requires the administrator rights.

Wait a minute and then input "list disk" in the cmd console. The programme will return the disks that have been connected to the PC and their labels.

If the SSD you want to format is labelled as Disk 1, then input"select disk 1". Programme will return like : the disk 1 is selected disk now. (PLEASE MAKE SURE THE DISK YOU SELECTED IS DEFINITELY YOUR TARGETED SSD RATHER THAN OTHER DRIVE)

Then input "clean" and execute the command. If everything went smoothly, programme will return like Diskpart has clean the disk successfully.

Then you can format it in system tools like "diskmgmt.msc" or any other ways.

Hopefully all above useful.

Lan Nick
  • 1