Editing Parallel ATA (section)
=== HDD passwords and security ===
{{redirect|ATA Secure Erase|ATA Secure Erase with flash memory|Write amplification#Secure erase|general use|Disk formatting#Recovery of data from a formatted disk}}

ATA devices may support an optional security feature which is defined in an ATA specification, and thus not specific to any brand or device. The security feature can be enabled and disabled by sending special ATA commands to the drive. If a device is locked, it will refuse all access until it is unlocked. A device can have two passwords: a User Password and a Master Password; either or both may be set. There is a Master Password identifier feature which, if supported and used, can identify the current Master Password (without disclosing it). The Master password, if set, can be used by the administrator to reset the User password if the end user has forgotten it. On some laptops and some business computers, the [[BIOS]] can control the ATA passwords.<ref>{{Cite web |url=http://h10032.www1.hp.com/ctg/Manual/c01580453|title=Security User Guide |publisher=HP |location=US |date=June 2008 |id=463798-003 |edition=third}}</ref>

A device can be locked in two modes: High security mode or Maximum security mode. Bit 8 in word 128 of the IDENTIFY response shows which mode the disk is in: 0 = High, 1 = Maximum. In High security mode, the device can be unlocked with either the User or Master password, using the "SECURITY UNLOCK DEVICE" ATA command. There is an attempt limit, normally set to 5, after which the disk must be power cycled or hard-reset before unlocking can be attempted again. Also in High security mode, the SECURITY ERASE UNIT command can be used with either the User or Master password. In Maximum security mode, the device can be unlocked only with the User password. If the User password is not available, the only remaining way to get at least the bare hardware back to a usable state is to issue the SECURITY ERASE PREPARE command, immediately followed by SECURITY ERASE UNIT. In Maximum security mode, the SECURITY ERASE UNIT command requires the Master password and will completely erase all data on the disk. Word 89 in the IDENTIFY response indicates how long the operation will take.<ref>{{cite web| url = http://www.rockbox.org/lock.html| title = Rockbox – Unlocking a password protected harddisk}}</ref>

While the ATA lock is intended to be impossible to defeat without a valid password, there are purported workarounds to unlock a device.{{Citation needed|date=July 2019}}

For [[NVMe]] drives, the security features, including lock passwords, were defined in the [[Opal Storage Specification|OPAL]] standard.<ref>{{cite web | url=https://trustedcomputinggroup.org/resource/tcg-storage-opal-and-nvme/ | title=TCG Storage, Opal, and NVMe }}</ref>

For [[Data sanitization|sanitizing]] entire disks, the built-in Secure Erase command is effective when implemented correctly.<ref name="Wei2011">{{ cite q | Q115346857 |url=https://www.usenix.org/legacy/events/fast11/tech/full_papers/Wei.pdf | journal = FAST'11: Proceedings of the 9th USENIX conference on File and storage technologies | access-date = 2018-01-08 | ref = {{sfnref|Wei|2011}} }}</ref> There have been a few reported instances of failures to erase some or all data.<ref>{{cite web |url=http://www.hddoracle.com/viewtopic.php?f=56&t=1412 |title=Beware – When SECURE ERASE doesn't erase at all |publisher=The HDD Oracle |date=2015-11-15 |access-date=2018-01-08}}</ref><ref>{{cite web |url=https://tinyapps.org/docs/wipe_drives_hdparm.html |title=ATA Secure Erase (SE) and hdparm |date=2016-11-06 |access-date=2018-01-08}}</ref><ref name="Wei2011" /> On some laptops and some business computers, the [[BIOS]] can use Secure Erase to erase all data on the disk.
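
The IDENTIFY fields described in this section can be decoded from a raw IDENTIFY DEVICE response, as in the following added example (not part of the original article), which assumes a 512-byte block of little-endian 16-bit words. Only bit 8 of word 128 and the role of word 89 come from the text; the other bit positions and the 2-minute unit are taken from the ATA command set specification, and <code>build_sample</code> is a hypothetical helper that constructs test input.

```python
import struct

# Word 128 (security status) flags. Bit 8 is described in the section text;
# the remaining bit positions are taken from the ATA command set specification.
FLAGS = {0: "supported", 1: "enabled", 2: "locked", 3: "frozen",
         4: "count_expired", 5: "enhanced_erase_supported"}

def erase_minutes(word89):
    """Decode word 89 (classic 8-bit encoding): units of 2 minutes."""
    value = word89 & 0xFF
    if value == 0:
        return None            # drive does not report an estimate
    if value == 0xFF:
        return ">508"          # longer than the field can express
    return value * 2

def decode_security(identify):
    """Decode the security words of a 512-byte IDENTIFY DEVICE response."""
    if len(identify) != 512:
        raise ValueError("IDENTIFY data must be 256 16-bit words (512 bytes)")
    words = struct.unpack("<256H", identify)   # assumed little-endian words
    status = words[128]
    state = {name: bool((status >> bit) & 1) for bit, name in FLAGS.items()}
    state["level"] = "Maximum" if (status >> 8) & 1 else "High"
    state["erase_minutes"] = erase_minutes(words[89])
    # Passwords accepted by SECURITY UNLOCK DEVICE in each mode, per the text.
    if not state["enabled"]:
        state["unlock_with"] = []
    elif state["level"] == "High":
        state["unlock_with"] = ["User", "Master"]
    else:
        state["unlock_with"] = ["User"]
    # An expired attempt counter means a power cycle or hard reset is needed.
    state["needs_reset"] = state["locked"] and state["count_expired"]
    return state

def build_sample(word128, word89):
    """Constructed IDENTIFY block: all zero except the two security words."""
    words = [0] * 256
    words[89], words[128] = word89, word128
    return struct.pack("<256H", *words)

if __name__ == "__main__":
    # Constructed sample: supported, enabled, locked, count expired, Maximum.
    sample = build_sample(0x0117, 30)
    for key, value in decode_security(sample).items():
        print(f"{key:26} {value}")
```

On a live system the same 512 bytes would come from the drive itself; checking <code>locked</code>, <code>frozen</code> and <code>level</code> before an erase shows which password the drive will accept and whether a reset is needed first.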