I Bought a BIOS-Locked PC. Should You?

Something to try that's worked several times for me with various desktop and server motherboards, although sadly isn't an easy option for most laptops: On a lot of boards, if you replace the CPU, it will allow you one-time access to even the most locked-down BIOS, so if you have another spare CPU for your locked motherboard, remove the BIOS battery, close the CMOS jumper, then replace the CPU. Remove the CMOS jumper, replace the battery, and switch on. Some boards will take you straight to BIOS and others will give you a message to say the CPU has been changed and to press (usually) F1 to enter BIOS. Once in there, you MUST remember to change or remove the password at that point, because if you leave the original password set, it's a one-time deal until you replace the CPU again.

BIOS said: 37 times

Cheers for the shout out, great video - whish I could get this much information into 10mins!
In-circuit flashing (with the clamp) is definitely possible as you've discovered, but I always de-solder the chip, as unless you have a detailed understanding of the platform, you never know what else is getting powered up by the clamp, and what else is listening on the bus. Soldering is also dangerous, but I know those risks a lot more than if the PCH is going to breakdown when an unmodded CH341a bashes 5v onto the SPI bus. It's low current sure, but I don't need to roll those dice if I flash out-of-circuit.

My biggest win was using a grounding trick on a thinkpad t430s to get around a bios lock. There's many videos on youtube, but the gist is you carefully use a pair of metal tweezers to ground the data pin during (not before) POST. The password is seen as blank on that boot, and you can easily set and then disable the admin password. This let me enable virtualization, update the bios, and enable the express card port.

I used to have a defective RAM bar, if you insert it into the computer, the data loaded into the initial addresses will be corrupted by the BIOS in an attempt to restore it loads the default settings and the password disappears it was very convenient

Your BIOS dump seems to be exactly 16M, which means its probably a full dump of the BIOS chip, even white space that might exist at the end of the chip. Most manufacturers don't fill their BIOS chips to the brim, mainly for BIOS updates and patches in the future. It's possible the HP and community BIOS's are complete images, just truncated to exclude the white space that would exist at the end of the chip

On devices of some manufacturers like Fujitsu, you can remove the bios lock by entering three specific "passwords". Then you get a long number shown on the screen which you can enter into a calculator found on the internet. There you get a code you can enter as a password to gain access to the bios.

Setting a bios password on random computers you get your hands on sounds like the most evil plan for world domination.

There is another way of removing BIOS-password by using Intel ME software. Basically, it allows you to read and write BIOS chip from Windows, without soldering the chip. However, a few things need to be considered:
- It's needed to remove/change position of a jumper if you wanna flash to BIOS chip while reading from it doesn't. Some times you need to use a wire as the jumper is removed by default.
- Make sure that you have the right BIOS to flash to the chip. Otherwise you can't boot up. In that case you will need desolder the chip and use a programmer to flash BIOS to it.
Overall, while this technique could be avoid of using solder-iron, it requires some knowledge of understanding motherboard (and maybe reading schematic) and BIOS flash.

Picked up a bios locked 845 G7 from work for 20 bucks. Had to learn how to desolder and reprogram the bios, but it wasn't too difficult for me since I at least have some soldering skills and watch LOTS of board level repair videos in my free time. Threw in some ram and a drive, and I have a killer daily driver that cost under 100 bucks total.

Notice if you are running a HP ProBook/EliteBook/ZBook up to the Folio 9470m:
DO NOT JUST OVERWRITE THE BIOS WITH A DUMP THAT EXISTS ON THE INTERNET. Because when you do, the Serial Numbers and the MAC Address of the Ethernet Card gets overwritten.
What you should instead do is capture the Current BIOS, flash an unlocked one, power the PC on, flash the original locked bios while the PC is running, set a new Password and then reboot.
Otherwise you will for example get Code 43 for the Ethernet Chip because the MAC Address is incorrect, and there could be problems with Windows Activation.

One of my favorites is the older laptops with a password chip. If it reads 0000s from the chip it assumes no password. The trick is you short the clock and data pins right when it checks for a password, it won't see one and you can get into the BIOS. Then set a blank password, it will overwrite the stored password.
If you find that the motherboard is stealing the power from your clip programmer it might be pulling the voltage down too low. I keep a 1/2 charged Lithium Ion battery around ~3.6v to connect along with the CH341A.
The other option would be powering the board and letting it provide the power to the chip.
I do run into chips that need pulled from the board at times.

I have a really old Toshiba Pentium III laptop that somebody gave me and it had a BIOS password.
It has a parallel port on the back (yes, it's that old!) but I found out researching online that you could reset the BIOS password by wiring a few pins together on the back of a D25 parallel connector and then powering on the machine with that connector plugged into the parallel port - and, yes, it did work exactly as expected.
So clearly there are a few "weird and wonderful" things out there that might allow a BIOS password to be reset.

I know you didn't cover it but one Hard Disk password exploit that worked well for me on ide/sata spinning rust drives was to power on machine with unlocked hard disk into the bios and into the security settings, hot swap the drive to the locked drive, select to lock drive and set a password, save and exit. Upon boot it will still be locked but only with the password you provided. Now you can go into bios and unlock with the password you set.

From experiences I have had with these Mini PCs and some whacky BIOS mods I have done in the past (going from turbo boost unlocking on Haswell to NVMe module injection), these sometimes require the power brick connected and a power cycle while - power button is kept pressed - to allow the chip to be powered and selected (floating SS line) and avoid the tedious (de)soldering task!
Another pro-tip to whom it may concern, AMI bioses sometimes are flashable without needing the (risky) HDA_SD0 pin short or the ME disable jumper on with AFUWIN v3.05.04 and the magic /GAN flag!

This randomly appeared on my homepage and I'm so glad it did. I got a bunch of Optiplex 7070s from a school that was tossing them out, and I discovered that one of them had both a dead battery and a BIOS lock-meaning I couldn't even fix the incorrect clock until after booting up. Turns out this model does have that jumper, which is not just conveniently labeled PSWD, there are even instructions printed nearby that say "1-2: NORMAL, EMPTY: CLEAR PASSWORD". Considering how easy it would be for a kid to reboot and mess with stuff, I'm surprised it was the only one they had bothered to lock. Must have been the computer lab teacher's computer. 😄

Reminds me of my original Xbox modding days, desoldering corrupted eeprom chips or bios chips, tsops, flashing them. Modding bios, corrupting them again. Good times

On a lot of aftermarket mobos you have options. Simple clear cmos, alternate bios, or a socketed bios chip you can just replace. I've picked up some good deals on hardware that was locked.

Came across your videos as recommended for Proxmox and HA. I really like your style of presenting material in a very calm, friendly, easy manner. And one of the big things is you talk to the viewer as if we are on the same level and don't speak in terms most of us would not understand, the l33t speak as it were. I really appreciate that 😎👍
As a note, you bring up the BIOS flasher you purchased. I had this same problem with a thin client where the chip was borked during a bios update. I had gotten one of those units only to find out the same exact issue you had here, the chip runs at a different voltage as the flasher outputs. I tried to do the hack to make it work, but the thing over heated and never powered the chip.
Thanks for showing the description of the device (there's actually v1.7 available that I've found), but I had first looked in your description for an affiliate link, and was saddened that you had not had one for that device. It might be a good idea to add one for it for future viewers, you never know how many ppl will be using it to get the device because they came across the video 😉

For many systems there's also some default passwords available that can be used to unlock a machine. Worked fine for an M93p I grabbed off Ebay for cheap.

Amazing intro! I love it! Keep it up man. Love how your channel is growing.

I don't buy bios-locked pc, simply because I don't have the time or tools or patience to work on it just to save $20 (roughly), unless the unlock is guaranteed and is super easy. The only time this would make sense is if I'd save at least $100 by buying a bios-locked pc/motherboard and if it is worth the effort to do so, like a rare PC. But it is fascinating to watch others do it. It feels like magic.

I'd recommend doing a comparison between the bins for each to see where the pin is stored, and either modify with a hex editor or remove (with blanks)

Just did one about a month ago. 2016/17 HP laptop. There's a built in feature. Hold Windows+B while powering on. Continue holding until it reboots (could be as long as 45 seconds), then release. Should let you into BIOS when it comes back on.

@Hardware Haven You were lucky.. Sometimes just bios reflash doesn't help, for example HP laptops has protection against password reset via bios reflash, it simply doesn't work and password is still present... It is still possible, but you must use 3rd party software to patch bios that you want to use for reprograming and then wirte it into SPI chip. For example as I remember correctly, sometimes password is stored in a few places, so simply bios reflash/.CMOS reset not always works, because mainboard is able to recognize that BIOS was reflashed and was password protected... Keep that in mind that you have do more then simply bios reflash, it's not always so simple, becuase modern computers are protected against that, aspecially laptops...

one tip 10:10.. intel ME Management Engine needs to be Clean aka Configured to be able to boot on Others PC.. same pc works fine.
there is hp unlocker for up to 2016 then RC Unlocker for newer.
hp serials tend to be in paddings you can see w UEFiTooL

Over the years I’ve blown up two desktop motherboards by flashing the wrong bios in one and not using the proper OS the flashing software wanted. (I used win 10 but the loader program wanted win 7) I didn’t throw either motherboard away and I figured a solution would pop up in the future. The first dead mb was fixed by swapping the dead bios chip with another bios from a similar mb (socketed bios chip swap) and the second one was fixed with a CH341a reflash.

Lifting prom pin 1 or 8 from the motherboard will allow you to program it without desoldering. Do not ground the voltage pin as some people say, it could damage the chip and your programmer. I usually slide a piece of kapton tape under the lifted pin to make sure it doesn’t make contact again while clamped. Cheers!

Flashing the bios without the serial number and mac address seems not to matter that much.
I used the image dumped and cleaned by another user so it was already the correct size but missing the info mentioned above.
I was able to recover a system that was not starting before. Works to this day.

Firstly it was great of you to point out the flaw with the CH341A, I was in the same boat on mine as i was only flashing 1.8v chips the issue didn't both me but as it started to look like i was going to be touching 3.3v i replaced it with the new version.
Secondly i would like to expand on what you said about saving a dump of the chip.
Really you should be dumping the content of the chip 2 or 3 times before even flashing anything back then comparing the files checksums match. It takes just a slight knock on table and that clip can move slightly giving you a bad dump rather then a good dump.
I normally do 3 dumps of a chip, check and then use one as the backup, one as stock the other to mod after checking the checksum.

Very nice vid, it's also possible to solder a 8 pin chip socket in place of the bios chip, modding it into a removable bios chip

I bought an hp 720 plus for like 50 bucks but it came bios locked lucky for me all I had to do was move the jumper and hold the cmos button like you said. Great video probably going to use this in the future!

You could also ask the seller if they know what company the bios locked system comes from. In most of the systems I've gotten over the years the bios password was just the name of the company.

Just found out about your channel, i am already loving it!

I'd like to see a comparison of the bios dump with and without the password... It would be interesting to see if it was hashed or just stored in plaintext.

Done a reflash on a bios chip I wrote the bios to by using another board with a similar bios chip. Start pc with good bios, carefully swap to bad bios with unit powered on. Run flash program for the right version of corrupted bios. If successful then power down and replace proper bioses into proper boards and away you go.
There is also some specialized software for recovering bios passwords as well, but like you stated it really depends on the board and manufacturer implementation. I know ThinkPads of many models had to be reflashed using a programmer or serial flash cable of some description.

On lenovo you can modify and set serial, mtm, name (on laptops kbd layout) using either Planar or Golden Key U1 tools which both are lenovos own tools. Planar is designed for thinkpad and U1 works with other lenovo computers. Both tools are used to brand the motherboard after replacement. Additionally U1 can be used to re-flash / recover corrupted bios.

cant wait for this video to get millions of views and then have those seller increase the price of bios locked shit like how people constantly made dell optiplex builds and sellers amped the old optiplex prices to get on the wagon

So another way is to dump the bios, you can then pull the password hash out and throw it into something like hashcat and using a gtx3080ti crack the hash in like 2 hours

Wow great video. Love the super technical details. Thank you.

Ha. Nice. I actually just did this a couple of weeks ago for an old laptop manufactured in 2006. The price was too reasonable to pass up and I was up for the challenge vs. the risk to do some retro games. Lucky for me, bridging a couple of pins on the EEPROM did the trick. Like a few others who posted, it was also a Thinkpad series T42.

I had recently purchased old RM computer for £19 that's bios locked and even had the original hard drive with the original operating system and had to replace on screen keyboard with command prompt inorder to change the administrator password to login as administrator. Fingers crossed the method for removing the bios password won't get crazy complex.

My Flipper Zero will take care of a BIOS lock or POP pretty quickly. I buy A LOT of "locked" computers and flip them. It's not great money, but we definitely aren't hurting for cash.

I wouldn't worry too much about the non-3v3 ch341a. Because the current source capability of the CH341a chip i forget but it's absolutely miniscule, like 2mA or something, while 3v3 supply off the regulator on the board provides the clamping voltage via EEPROM's internal ESD diodes. There is a very low likelihood to kill something.

I literally was forced to do this yesterday due to me accidentally powering down an old system. Nice vid as always!!!

Love the improved presentation of your new video!!
Keep it up!!

I remember resetting the BIOS password for my friend's laptop using the same website you showed. It worked well. I think it was a Dell laptop. Not sure if it works all the time though, but it worked for me back then.

They have application for that btw.
1 - Dump BIOS
2 - Open Bios with the nice Russian software (that don't say anything but just create another .bin file with "unlocked" in the name)
3 - Flash back the bios using the "unlocked" one.

The only issue with having 5 volts instead of 3.3 would be the write part. More voltage could just change some of the data you're trying to write. It's still pretty safe to use as long as you make sure to verify your dump each time and have a differents read dumps.

If you've got the same laptop without a password but all those tools, just take a dump without a password then with a password set and then maybe with a different password set. Diff the binaries and now you'd know exactly what bytes to write to remove it from any bios chip of that same model.

8.53, you can use de board adapter connector, put a bios in the bench and connect. (do not need to solder in the adapter ) fast and practical. By the way it isnt a good policies to program in circuit, and ways do 2 or 3 dumps and conpare to confirm a good bin file.

Almost all HP Desktops have this jumper got some old ones from school and could unlock all Bioses this way. It should always be possible to change some things in the Bios in case you press F10 (HP Bios button)and it asks for a password just hit enter 3 times and most of the bios will work.

Great video! I've had to re-flash a few bioses myself - I even had to dump and hex-edit one, tho that was back in the day when they were in a socket.
Why the sans font tho? Is it Droid Sans? I'd suggest for this video using the freeware font "Perfect DOS VGA 437", tho since you're a mac user, maybe use Chicago. Whatever you choose, I have to say your font made me physically recoil in horror.

Thanks for sharing knowledge, we appreciate your work!

Doesn't happen with the chip in-situ often, but it can be done. Managed to dump a router once while the lights were doing the "we don't have enough juice to boot" dance.

An interesting video!👍👍I have an HP Compaq DC7800p USDT, and to do something as simple as change the boot order a password is required, it's only that one pc., though as I had another example of the same pc., and it did not require a password. I had no idea what the password could be or how to find out, so I rapidly pressed the enter key on the keyboard and that succeeded. Those computers are old and they use DDR2 ram., and the maximum is 4 gig, but I have found that with 4 gig., and an SSD., and a lightweight Linux OS., installed that they are okay for basic computing, for example, checking e-mail, browsing Ebay, watching YT., videos, doing office work etc..

Good video man, lots of valuable information in here for people !

Excellent job! I recently got a bios locked working HP laptop from a scrap dealer. I'll try this fix to unlock it.

I have noticed exact same thing with CH341a, newer model with 3.3V switch won't read chips with using clip, meanwhile unmodified CH341a works just fine with clip.

8:25 the problem here was that you have connected the ram and also the CMOS battery!!! to the MB. Those need to be removed so you don't have to deal with solder-disolder process.

The most informative video on RUclips. That info as gold !

I always buy them because i am a repair master and k ow how to flash them easily with a custom or unlocked bios, even managed to install a custom os on a settoobox for tv using uart. I also know how to change a few bits in hex. But your tips help other people

If you have an encrypted disc but don't have the key, format it.
For a bios locked laptop I had, I unplugged the bios battery. It even corrupted a hard drive I put in it with its "Return me!" lock screen on bios boot.

Did you compare the binaries before and after setting the password?

I came across BIOS images that were the full size but with added header. So i compared with a backup from the chip and removed the header, then it uploaded fine and worked.

The data pins of the CH341a being at 5 volts doesn't matter. The current is so low that it's basically impossible to burn a chip.
Also, instead of desoldering the chip, sometimes just plugging the cable in to supply standby power (and thus 3.3V to the chip) is enough.

I once repaired an Asus ROG laptop that had failed to upgrade to windows 10. The bios was corrupted during OS install (no idea how). I was able to use a raspberry pi and a SOC clip to reprogram it. I had a similar issue with not being able to read the chip in system, but figured out I could plug in the power (without turning on the laptop), and that was enough to power the chip and dump the ROM. You might try it out next time, it could save you a ton of soldering.

I have the same device but with 7th gen intel and it was already unlocked when i bought it, its really good for homeserver running multiple docker containers

Could you be so kind as to compare the data dumped form both a locked and unlocked chip? If you find the locked flag and/or the password/hash, you may be able to just alter those, thereby disabling or changing the password.

I'm an IT technician, and I've worked with computers since I was 12 and couple years ago I was about to swap an HD and format and do all the stuff on my mother in law's laptop and got the locked BIOS thing going on, I read the manual and in there told me to contact ASUS for the unlock, tried a bunch of times and didnt even could have any information from them because the documentation from it was missing since her nephew owned it, I was shock that I could even do nothing with the thing, the only solution that I've found in the internet and the market around here (brazil) was to replace the chip that holds the BIOS and this around here is rather expensive.

I have just emailed HP customer support, for my 8760w, even though i bought the laptop second hand. I had to give the uuid and maybe some other info and they send me some bios reset file, I believe tailered to that specific uuid and also valid for a short time, only one week if I remember correctly. But it was working and I had a good experience with the customer service.

A video or several on replacing BIOS chips and if possible replacing SOIC with the same in DIP version which would allow easy removal for specialty reflash with less hassle (swap in programmed chip instead of flashing it onboard) would be of interest especially to classic Thinkpad owners into alternate BIOS. Modifying BIOs is a good rabbit hole there are not near enough videos on.

Many arcade boards that use PC hardware are indeed BIOS locked. Bringus Studios bought a Sega ALLS machine from Japan, and he had a headache unlocking the BIOS.

I got a free HP Z440 from work once and it had a BIOS password on it. I quickly Googled my computer and how to clear it. It was nice all I had to do was remove the jumper and push a button, like on your HP in this video. Then put the jumper back and I can set my own password. I never liked HP, but this workstation was pretty nice and works well. I threw in a Xeon E5-2689 V4 (probably overkill), populated all RAM slots with 8GB sticks (64GB total), and put in my EVGA RTX 2070 FTW3 Ultra I had lying around. Surprisingly, the power supply is able to keep up no problem. I tested an RX 6500 XT and a GTX 970 with the Xeon E5-1620 V3 it came with and it turned out to be a pretty decent little machine for light gaming.

I picked up a bunch of these (prodesk and elitedesk 600/800) for cheap since they were listed for parts and bios locked. Planned to try and diagnose them for issues and learn a bit. They all powered on and I cleared the bios on each of them no problem. I popped a cheap ssd in one, loaded up linux mint and it just booted up no problem. If they are all as well behaved as this one I might not get much troubleshooting experience after all.
I guess my plan B is figuring out what to do with a bunch of mini pcs.

I know that many, especially business laptops use the NVRAM of the PCH to store the passwords, some have hidden "manufacturer" modes to get the NVRAM to reset (not the same as the BIIOS CMOS, that's battery, the NVRAM is an area that's kinda like flash storage but small and used to store setting bytes and bits...)
This is like the mechanisms that AntiTheft and CompuTrace mechanisms use.
At work, we got in a job lot for the LifeCycles part of the company, most were fine but a certain model all had BIOS passwords and the settings for something meant BSODs on every reinstall of Windows, with no way to remove them.
I had to explain why it's impossible (for us at least, given limited knowledge on that specific model) by literally walking off with the manager's laptop and saying "I'm off to sell this at CEX, I can't do that with the locked ones, just like they were designed to prevent".... Of course, I walked back inside and asked if he understood why.

I've reprogrammed a lot of chromebooks to put linux on them. I didn't know that my programmer had an update though. I'm going to have to look into getting me one.

Can you please make a compare of the Hex dump of the bios with and without password and then see i) which bytes to change to remove the pwd, and ii) if you can extract and decrypt the pw?

cool video, i always wondered about this, thank you for the explanation!

Hi there, Can you tell me in which website you ordered your new CH341 programmer? is it support 1.6v , 1.8 , 3.3v and 5v? thnx

In a pretty recent Asus laptop with a lost boot password, I had to short to ground the I2C data pin in the BIOS flash IC to make the laptop give me an error, and then it let me reflash it using a thumb drive with the file given from the manufacturer. Probably other domestic models, not business-grade or professional-grade, have similar ways to do the same. Cheers!

Not all bios locks are proofed against upgrades to the bios via a windows app. LENOVO ones may be bypassed where genuine upgrades are available. During the upgrade tge settings are reset to factory default. This I found on the miix 720 tablets used in schools.

Love the content! Keep it up 👍

Very informative, Thank you.

I bought a PC Laptop at a decent price at Costco, and found it was an S mode machine.Took me 3 months to to exit S mode as my phone number was already used on another machine for my parents, and then I forgot the Microsoft account credentials used to exit S mode to add Zoom to the machine. With forgotten credentials, could not use my phone number to open another Micorsoft account, so yea, locked out of the new machine. Could not use the free one year subscription to Office 360, so yes, it was a box with a working web browser I don't use, and a free card game. Finally a walkthrough video was found on how to exit S mode without a MS account. This worked, so the computer is now working for me. S Mode is a really locked down machine.

6:44 - 6:58
From what you pointed out, it looks like the user can get a full copy of their BIOS straight from the OEM or unofficial sources, which is not correct.
An oversimplified, brief explaination is that:
The BIOS UPDATE cannot restore the BIOS IMAGE, because the update is not a full bios image. It has the same size as the BIOS IMAGE, but the BIOS UPDATE is mostly filled with FF to match the BIOS IMAGE layout.
That is why many BIOS brands like Insyde, AMI and Phoenix have a check to prevent the users from bricking their computers.
The only ways to obtain a full BIOS image for your device are:
1. Contact your device OEM, which will most likely not help you at all, by saying that "they can't make a new bios for you because they don't cover that, they don't like you or the warranty expired"
2. Dump the BIOS IMAGE with a physical programmer
3. Dump the BIOS IMAGE with a digital programmer
I like your vids and I learnt some things from your channel.
Keep it up ❤❤❤❤❤❤❤

What we need is a way to get around the lock on school Chromebooks as they're essentially e-waste if the schools don't want them back and they've flooded eBay, Craigslist, and marketplace. Received one in a large trade last trade myself, the school didn't want it back, yet wouldn't unlock it, so it's stuck with a lock to the school's domain and no way to bypass it with reinstalling chromeos, removing cmos, etc.

Usually you can flash uefi by your method or there is a second method that depends on your motherboard, honestly you just have to read the manual and shortcut pins.
There is a last option running on win 10 or 11 to do it while your are in session, maybe you can bypass your "locked-pc" by using live os.
Otherwise first thing to do is to explore on the official support site to avoid things like looking for the right process with the right os or "os slightly modified by producers"
If there is no option you can run Linux on it to unlock and reset HDD then make a volume to set a new OS to repair.

I got a hold of a Surface 3 that was bios locked and the system disk was bitlocked and unbootable. It took me all of an hour and 5 minutes once I had everything needed to get the bios password and repair the Windows install. Not necessarily in that order. Most of that time was burnt on the reinstall.

Currently experiencing a similar issue when I bought a used Asus Chromebox 4 from marketplace which was super cheap only to find out it was enterprise enrolled. Had to go the CH341A route to flash Coreboot on it but found out new machines are no longer using BIOS chips with feet like in the video.

It's best to only connect or disconnect the clip on the chip while the programmer is unplugged.

Most motherboards have not standardized header pins that allow me to connect striate to the bios chip. I use mostly those to get a copy of the BIOS and reprogram it. Stand alone motherboards are easy, you just flash the new bios file from the support page on the chip. Mainboards from Dell, Lenovo or you name it including a windows key are harder and a big pain. You need to preserve the windows key and serial numbers this means there is no other choice than replacing parts of the bios mostly by try and error.

If the owner of a device puts a bios password on it that can't be bypassed by the unlawful owner afterwards, that is a product which "questions the concept of ownership". Hugh Jefferies taught me that! So remember, *_it's our computer comrade_*

I also have had luck shorting out the data line on a Bios flash during the boot process that triggers the backup bios to load. That's how I got past the bios lock on a pair of ex government panasonic toughbooks. I shorted the clock to a data line as they were next to each other with a tiny probe during different points in the boot process and triggered the bios recovery. of cours this only works on systems that have a bios recovery.

tip for heatgun soldering: when you remove chips use flux and circle the heatgun around the chip. solder will melt faster.

I'm wondering if I'm having a similar, yet different issue. I bought 2 used motherboards (Gigabyte and MSI) with X99 chipsets to use for a NAS project. I can't get either one of them to POST. Fans may spin (barely) or lights may come on, but no POST. Could these be BIOS issues? I tried the usual clearing methods, but no dice.

What programmer do you use & from where? Great YT too!

Personally, I noticed that a lot of times when a bios gets corrupt a bios password that doesn't exist gets set and it happened to an old lenovo ideapad laptop of mine, I swear I never set a password on it, I don't really care because the settings are right and the boot selector works

I have unlocked the bios for a couple T61 which were locked with power on password. Basically, until xx30 models (Ivy Bridge) you can simply short 2 pins on the bios chip while powering on. This will skip password control and let you enter the password change page to set it to blank. I have found a website with pictures of different mobo from many Thinkpad models, where you can find yours and identify the bios chip, but now seems to be offline. :(

You dont need to solder it to the board, just clamp it directly (make sure all pins are connected) and then read it. I'd rather put least amount stress/destructive approach to a single single specimen.