# How crackable is my SSD?

## Hypnos

I'm not concerned about facing rubber house attack, sophisticated tampering or state-of-the-art data recovery since I don't do any sensitive work.  However, I am concerned about identify theft if my laptop is stolen.

Right now I am using an ATA password on my SSD (Samsung MMCRE28G8MXP) to safeguard my data.  How secure is this method?  I am having trouble finding straight dope on this topic on the web.  Would it be advisable to move to an encrypted /home partition and hibernation scheme?

EDIT: One pessmistic review

----------

## NeddySeagoon

Hypnos,

Disk passwords are next to worthless.  They are stored on the Interface PCB and work by preventing the drive from responding to requests for data until the password has been provided.

The data is not encrypted on the disk.

If you switch out the electronics board for one with no password, from an identical drive, the drive is open and the data can be recovered. Of course, you need to buy such a drive to do this.

----------

## Hypnos

I believe on modern disks and SSDs that the passwords are stored on the service sectors of the hard disks, not in the PCBs.

That said, reading the link in my OP, a knowledgeable technician could set the password flag to zero or even recover the password directly.  I am wondering how likely this scenario is if my laptop gets stolen on the train.

----------

## NeddySeagoon

ypnos,

If your laptop is stolen by an opportunistic thief on the train, they will try to put Windows on it and sell it on.

If the hard  drive is useless because of the password, they may let it wipe the disk then try again before selling it for spares or repair.

If you have a reason to be targeted for identity theft, then all bets are off.

----------

## John R. Graham

 *Hypnos wrote:*   

> I believe on modern disks and SSDs that the passwords are stored on the service sectors of the hard disks, not in the PCBs

 Correct. Furthermore, you can't just reset the password. Any ATA commands that affect the password require the password. However, NeddySeagoon is 100% right that there's no platter encryption and that professional tools are available to recover data from a locked hard drive.

If you care about identity theft or privacy, look into disk encryption. There are several threads on the Forums on this topic, for instance, [solved] Full Disk Encryption.

- John

----------

