Configuring System Security Settings

On the Security tab, configure the settings as described in the following table:

Table 9-1 BIOS Security Settings

Setting	Description of Option
Secure Boot Configuration	Disabled by default. To enable, set the Supervisor Password.
Secure Boot Option	Enable or Disable the UEFI secure boot firmware validation process.
Reset to Default	Reset secure boot variables to the factory default.
Change to Customization	Delete the protection key, change the platform to setup mode, and disable secure boot.
Set Supervisor Password	Set or clear the supervisor password.
Supervisor Hint String	Enter a hint for the password.
Min. Password Length	Set a minimum length to enforce for user passwords.
HDD Password Select	Select the password structure to apply to hard disk drives: User Only: Supports user account passwords. User + Master: Supports user account passwords and a master password.
Set HDDNumber User Password	Set a password for the user account for this HDD.
Set HDDNumber Master Password	Set a master password for this HDD.
TPM Support	Enable or Disable Trusted Platform Module support. By default, TPM Support is disabled.
TPM Action	Select one of the options. For the 610, the following options are available: No change Enable Disable Activate Deactivate Clear Enable and Activate Disable and Deactivate Set Owner Install, with state=True Set Owner Install, with state=False Enable, Activate, and Set Owner Install with state=True Disable, Deactivate, and Set Owner Install with state=False Clear, Enable, and Activate Require PP for provisioning Do not require PP for provisioning Require PP for clear Do not require PP for clear Enable, Activate, and Clear Enable, Activate, Clear, Enable, and Activate For the 620 and 650, the following options are available: No change Require PP for clear Do not require PP for clear Change EPS
Omit Boot Measurements	Enable or Disable recording boot device attempts in PCR.