Pre-boot authentication
Template:Refimprove Template:Cleanup
Pre-Boot Authentication (PBA) or Power-On Authentication (POA)<ref name=autogenerated2>*****o</ref> serves as an extension of the BIOS or boot firmware and guaranteesTemplate:Cn a secure, tamper-proofTemplate:Cn environment external to the operating system as a trusted authentication layer. The PBA prevents anythingTemplate:Cn being read from the hard disk such as the operating system until the user has confirmed he/she has the correct password or other credentials.<ref name=autogenerated1>*****o</ref>
Benefits of Pre-Boot Authentication
- Full disk encryption outsideTemplate:Cn of the operating system level
- Encryption of temporary filesTemplate:Cn
- Data-at-rest protectionTemplate:Cn
How Pre-Boot Authentication Works
Generic Boot Sequence
- Basic Input/Output System (BIOS)
- Master boot record (MBR) partition table
- Pre-boot authentication (PBA)
- Operating system (OS) boots
A PBA environment serves as an extension of the BIOS or boot firmwareTemplate:Cn and guarantees a secure, tamper-proof environment external to the operating system as a trusted authentication layer. The PBA preventsTemplate:Cn Windows or any other operating system from loading until the user has confirmed he/she has the correct password to unlock the computer. That trusted layer eliminates the possibilityTemplate:Cn that one of the millions of lines of OS code can compromise the privacy of personal or company dataTemplate:Cn.
Pre-Boot Authentication Technologies
Combinations with Full Disk Encryption
Pre-Boot Authentication is generally providedTemplate:Cn by a variety of full disk encryption vendors, but can be installed separatelyTemplate:Cn. Some FDE solutions can function without Pre-Boot Authentication, such as hardware-based full disk encryption. However, without some form of authentication, encryption provides little protectionTemplate:Cn.
Authentication Methods
The standard complement of authentication methods exist for Pre-Boot Authentication including:
- Something you know (i.e. username / password)
- Something you have (i.e. smart card or other token)
- Something you are (i.e. biometric data)
References
| references-column-width | references-column-count references-column-count-{{#if:1|{{{1}}}}} }} | {{#if: | references-column-width }} }}" style="{{#if: | {{#iferror: {{#ifexpr: 1 > 1 }} | Template:Column-width | Template:Column-count }} | {{#if: | Template:Column-width }} }} list-style-type: {{#switch: | upper-alpha | upper-roman | lower-alpha | lower-greek | lower-roman = {{{group}}} | #default = decimal}};"><references group=""></references>