If you can boot from CD/USB
When Windows doesn’t boot properly and you cannot get into the BIOS to change the boot order, you could be lucky enough that booting to CD or USB might already be set at a higher priority than booting to Windows and simply inserting a CD or flash drive will boot to it automatically. It’s also possible that CD or USB booting could be just below hard drives in the order, in which case you would need to temporarily disconnect the hard drive(s).
If you can still access Windows, another solution to enable CD/USB booting is using a great tool called Plop Boot Manager. What it does is allow booting from these devices even if the system BIOS doesn’t support the function or the boot order is not accessible. Even if you don’t want it for this purpose, Plop is a great tool to know about for using on older computers.
PC CMOS Cleaner
PC CMOS Cleaner is able to recover, remove, decode and display the user or supervisor password stored in the BIOS irrespective of the machine brand. Award, American Megatrends (AMI), Compaq, Phoenix, Samsung, IBM, Compaq, DTK, Thinkpad, Sony, Toshiba are all in the list of supported BIOSes so there’s a good chance your BIOS is included. PC CMOS Cleaner is a bootable Linux CD so you don’t have to worry about operating system compatibility. On launch the program will first try to decrypt and display a list of possible passwords. Failing that, you can choose to remove the password using two options, the second of which will completely reset the BIOS to defaults so you’ll have to go and reconfigure it afterwards.
CmosPwd by CGSecurity
This is one of the more up to date and popular CMOS decryption tools although it’s still quite old dating back to 2007. CmosPwd decrypts the password stored in the CMOS and displays it. The following BIOSes are supported:
- ACER/IBM BIOS
- AMI BIOS
- AMI WinBIOS 2.5
- Award 4.5x/4.6x/6.0
- Compaq (1992)
- Compaq (New version)
- IBM (PS/2, Activa, Thinkpad)
- Packard Bell
- Phoenix 1.00.09.AC0 (1994), a486 1.03, 1.04, 1.10 A03, 4.05 rev 1.02.943, 4.06 rev 1.13.1107
- Phoenix 4 release 6 (User)
- Gateway Solo – Phoenix 4.0 release 6
- Zenith AMI
With CmosPwd, you can also backup, restore, erase or even kill the CMOS. CmosPwd is included in the Hirens Boot CD DOS programs menu. Select “9. Next” -> “2. BIOS/CMOS Tools” -> “2. BIOS Cracker 5.0 (cmospwd)”. There’s also a version you can run from within Windows which is available on the CGSecurity website along with some useful information.
!Bios by eleventh alliance
!Bios is a tool that was developed for a brute force attack on BIOS passwords. You can also backup and restore the BIOS and there’s even a Blaster option where can blank certain parts of the BIOS in the hope of removing the password, a powerful and potentially dangerous option because it could completely corrupt the BIOS. !Bios can try and crack the passwords used in some common BIOSes including various versions by IBM, American Megatrends (AMI), Award and also Phoenix. It’s a very old tool dating back to the late 90’s so is unlikely to work effectively on more recent computers.
Like CmosPwd, !Bios is also included in the Dos Programs menu of Hirens Boot CD. Select “9. Next” -> “2. BIOS/CMOS Tools” -> “4. !BIOS 3.20 (ibios)”. You can also download a separate !Bios Windows tool.
Invalidating the CMOS Checksum Manually
If you prefer to do it manually rather than relying on automated programs or the other tools like CMOS De-Animator aren’t working, it is possible to reset the BIOS password by using the debug.exe tool which will invalidate the CMOS checksum in a similar way to CMOS De-Animator. This can be achieved by typing two commands into the debug tool if you first boot up the computer in FreeDOS. Here are the instructions.
1. Install FreeDOS on a USB flash drive using Rufus or UNetbootin.
2. Download the debug.exe tool and save it to the root of your USB flash drive.
3. Boot up the computer with your USB flash drive and type the following commands: (take note that the second and third commands start with the letter O and not the number zero.)
o 70 2E
o 71 FF
4. Restart your computer with Ctrl + Alt + Del and you should encounter an error message like “CMOS checksum error” which is normal. You can now access the CMOS setup without entering a password.