Protect data
NVMe (Non-Volatile Memory express) M.2 solid-state drive features the Lenovo-unique PLP (Power Loss Protection) function to avoid data loss or damage.
If your computer is not responding and you might have to shut down your computer by pressing and holding the power button for several seconds. In this case, the PLP function enables your computer data to be saved timely. However, there is no guarantee that all data is saved in any situation.
To check the type of your M.2 solid-state drive:
Your computer supports FIDO (Fast Identity Online) authentication feature. This feature works as an alternative to password-based authentication to achieve passwordless authentication.
This feature only works when a power-on password is set in UEFI BIOS and the FIDO2 USB device is registered in ThinkShield™ Passwordless Power-On Device Manager. With this feature, you can input the power-on password or use the registered FIDO2 USB device to power on your computer.
Register FIDO2 USB device in ThinkShield Passwordless Power-On Device Manager
Follow the instructions to register FIDO2 USB device in ThinkShield Passwordless Power-On Device Manager.
- Select the available FIDO2 USB device that you want to register in the Discovered Devices field.
- Click Yes in the displayed window to confirm the device you selected.
- If you set a power-on password, you are prompted to enter the correct password.
- The User operation request window is displayed. You are prompted to press the button on the connected FIDO2 USB device, and then follow the on-screen instructions to close the window.
- Press Esc to exit and restart your computer.
- If you want to unregister your devices, click the available FIDO2 USB device that you want to unregister in the My Device field and enter the correct power-on password for verification.
- If you use more than one FIDO2 USB device with a common identifier for registration, only one device is available.
Log in to the System with Passwordless Power-On Authentication
Follow the instructions to log in to the System with Passwordless Power-On Authentication.
Note: You should insert the FIDO2 USB device or enter the power-on password within 60 seconds. Otherwise, your computer will shut down automatically.
Supervisor Certificate (also called the password-less management mode) provides more secure UEFI BIOS management with password-free solution. It is used to replace the supervisor password / system management password for authentication if you have set one.
For certificate enrollment, go to: Certificate-based BIOS Authentication .
Once you have enrolled the certificate, you can enter the BIOS menu with the certificate.
- Restart the computer. When the logo screen is displayed, press F1 to enter the BIOS menu.
-
The QR code is displayed. Scan the QR code to save the request data and send the request data to IT admin by e-mail or phone.
Note: If you choose to authenticate without the QR code, save the request data in a USB key and send the request data to IT admin by e-mail or phone.
- Enter the unlock code provided by IT admin and click OK.
- The unlock encode is a one-time password and is valid only during logon prompt (in one power-on cycle) for up to two hours.
- If you click Skip, you can enter the BIOS setup menu without BIOS management authority. But certificate reset is allowed.
Reset certificate
The enrolled certificate cannot be disabled. You can reset or remove it:- Restart the computer. When the logo screen is displayed, press F1.
- Enter the BIOS menu with the certificate or skip the certification authentication process.
- Select Security ➙ Reset Certificate.
- Follow the on-screen instructions to enter the reset code provided by IT admin.