Is there a way to put a password at Haiku startup for securise a minimum the computer and hard drive access?
1 Like
I donāt know if itās possible but I will tell you how I simulate it.
My Thinkpad supports various levels of firmware passwords and I have activated them. They protect hard disk as well, unless someone gets it out of the computer!
So, when computer turns on it asks for password before doing anything. Itās good enough for me.
For locking it when Haiku is active I use screensaver with a password.
3 Likes
Umm I wouldnāt suggest this lol 
Some laptops with EFI will store the password and wonāt forget ā so probably risky for sure.
A less secure (but less risky) idea would probably be to just turn on hot corners in ScreenSaver and have Haiku lock the screen ā or script the screen saver to start (with the lock enabled in the prefs) in the user script. But yeah, Haiku could totally use a lock screen in Beta 3 or R1 or whatever.
2 Likes
Great idea! Iād forgotten about the Thinkpadās BIOS level passwords! Iāve now turned on the boot time password so that at least that together with the screensaver password will provide basic protection when Iām out and about with my Haiku laptopā¦
BTW you mention that the hard disk passwords will protect the disks only as long as the disks are not taken out of the computer. Is that so? Thatās a bit worrying, but I suppose that as long as whoever steals the computer does not know that the disk is formatted for Haiku, the data will be safe?
Plug a disk in a linux computer, launch gdisk (depending of the size of the disk, you may have to try fdisk), see what it says. You should have now the partition table with format of each partitions even hidden ones.
If it is an Haiku disk, there is also a good chance that you donāt need that intel and you can directly mount partitions read-only. Build the bfs fuse module and you can even write.
And it is even easier with a Windows disk.
The only thing that can protect a disk is disk complete encryption. But anyway if the person has direct access to your hardware, itās only a matter of time before they are accessing data.
Now, some data are also crypted by software which is delaying access a bit more.
3 Likes
Ooops! OK, remind me to delete all my saved passwords from my Haiku browsers, and not to stay logged in to my webmail accounts!!! I guess thereās something to be said for running Win11 Pro on my laptops just to get the benefit of bitlockerās full disk encryptionā¦
This conversation is confusing two things:
- Disk encryption and network firewalls that will keep the crew from āMission Impossibleā from your data.
That is a tough one and up to the devs who work close to the machine. Until then, run Haiku as a VM with OpenBSD or QubesOS as the host OS.
- Preventing toddlers, casual passers-by and your crazy nephew from messing with your machine and viewing your collection of, shall we say, artistic nudes while you are getting coffee.
Piece of cake. BIOS passwords have been mentioned and that is a good option. Or you can do it within Haiku (or both!).
First setup your screensaver to require a password after a short interval (i.e. 30 seconds).
Now add one line to the end of /boot/home/config/settings/boot/UserBootscript
Do not add a trailing ā&ā
3 Likes
The screensaver is not a security feature. Donāt treat it as such
Actually I implemented the launch_daemon to be able to use the Login application of DiskEncryption post package management.
Not sure if that still works, but it did at some point. DriveEncryption itself is currently broken, though, unfortunately.
2 Likes
