Pre-boot authentication

Template:Refimprove Template:Cleanup

Pre-Boot Authentication (PBA) or Power-On Authentication (POA)<ref name=autogenerated2>*****o</ref> serves as an extension of the BIOS or boot firmware and guaranteesTemplate:Cn a secure, tamper-proofTemplate:Cn environment external to the operating system as a trusted authentication layer. The PBA prevents anythingTemplate:Cn being read from the hard disk such as the operating system until the user has confirmed he/she has the correct password or other credentials.<ref name=autogenerated1>*****o</ref>

Benefits of Pre-Boot Authentication

• Full disk encryption outsideTemplate:Cn of the operating system level
• Encryption of temporary filesTemplate:Cn
• Data-at-rest protectionTemplate:Cn

How Pre-Boot Authentication Works

Generic Boot Sequence

1. Basic Input/Output System (BIOS)
2. Master boot record (MBR) partition table
3. Pre-boot authentication (PBA)
4. Operating system (OS) boots

A PBA environment serves as an extension of the BIOS or boot firmwareTemplate:Cn and guarantees a secure, tamper-proof environment external to the operating system as a trusted authentication layer. The PBA preventsTemplate:Cn Windows or any other operating system from loading until the user has confirmed he/she has the correct password to unlock the computer. That trusted layer eliminates the possibilityTemplate:Cn that one of the millions of lines of OS code can compromise the privacy of personal or company dataTemplate:Cn.

Pre-Boot Authentication Technologies

Combinations with Full Disk Encryption

Pre-Boot Authentication is generally providedTemplate:Cn by a variety of full disk encryption vendors, but can be installed separatelyTemplate:Cn. Some FDE solutions can function without Pre-Boot Authentication, such as hardware-based full disk encryption. However, without some form of authentication, encryption provides little protectionTemplate:Cn.

Authentication Methods

The standard complement of authentication methods exist for Pre-Boot Authentication including:

1. Something you know (i.e. username / password)
2. Something you have (i.e. smart card or other token)
3. Something you are (i.e. biometric data)

References

     | references-column-width 
     | references-column-count references-column-count-{{#if:1|{{{1}}}}} }}
   | {{#if: 
     | references-column-width }} }}" style="{{#if: 
   | {{#iferror: {{#ifexpr: 1 > 1 }}
     | Template:Column-width
     | Template:Column-count }}
   | {{#if: 
     | Template:Column-width }} }} list-style-type: {{#switch: 
   | upper-alpha
   | upper-roman
   | lower-alpha
   | lower-greek
   | lower-roman = {{{group}}}
   | #default = decimal}};">