Your PC likely asks for your username and password to grant access to Windows, a nice security measure, but ineffective if someone has physical access to your hard drive. (They’ll just install it in another PC and boot from a different disk.) You should enable hard drive encryption for the best protection against data thieves. But also use additional BIOS tricks enable more layers of security, asking for another password to boot, access the drive, or change BIOS settings. Here’s how to adjust those system settings.
Supervisor Password: Enable and change this password to prevent someone from changing these BIOS settings in the future. For example, if you don’t want someone booting from a CD or external drive on one of your work systems, first disable those options in the Boot menu, and then enable the password here. If troubleshooting in the future, you can restore those boot options after entering the BIOS password.
User Password: Add an extra password prompt before getting to the Windows login screen. This provides a small, extra security step against unauthorized access. First set the user password, then enable it on boot.
HDD Password: For the best disk protection short of encrypting your drive, enable the hard disk password. If this option is supported on your system, the password settings are stored on the disk itself, preventing access even if installed in another PC. A data-recovery service could likely still access your files since they’re unencrypted. So remember that it’s still possible—although quite difficult—for someone else to access the data.
Remember your passwords. Store them on another PC or somewhere else secure; if you forget any of these, the reset process can be difficult or impossible. Use the BIOS settings you want to disable these passwords in the future. Enter the box to make a change, enter the old password, and then leave the new password blank.