• asudoxOP
    link
    fedilink
    1
    edit-2
    9 months ago

    I also want to add that the TPM will request the recovery key if the BIOS goes back to factory defaults. I also think changing the secure boot setting might trigger it. If that’s the case then a BIOS password is pretty useless.

    • Para_lyzed
      link
      fedilink
      1
      edit-2
      9 months ago

      I believe that the TPM will refuse to provide keys after secure boot is disabled, but I didn’t intend to imply that it could be used to bypass TPM decryption or anything. Just as an aside that BIOS passwords are effectively useless at preventing access to the BIOS.

      • asudoxOP
        link
        fedilink
        19 months ago

        It does seem like most of the TPMs indeed do not provide the keys if secure boot is disabled. Sorry for the misunderstanding.