HP BIOS Configuration Utility (BCU)

User Guide
© Copyright 2012–2015, 2019 HewlettPackard Development Company, L.P.

Intel and Core are trademarks of Intel Corporation in the U.S. and other countries. Microsoft®, Windows™, and Windows Vista
are trademarks of the Microsoft group of companies.

Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211
and 12.212, Commercial Computer Software,
Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under
vendor's standard commercial license.

The information contained herein is subject to change without notice. The only warranties for HP products and services are
set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed
as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

Sixth Edition: November 2019

First Edition: May 2012

Document Part Number: 700600-006

User input syntax key
Text that you must enter into a user interface is indicated by fixed-width font.

Table -1 Syntax and their descriptions

Item Description

Text without brackets or braces Items you must type exactly as shown

A placeholder for a value you must provide; omit the

<Text inside angle brackets>
brackets

[Text inside square brackets] Optional items; omit the brackets

{Text inside braces} A set of items from which you must choose only one;
omit the braces

| A separator for items from which you must choose

only one; omit the vertical bar

... Items that can or must repeat; omit the ellipsis

iii
iv User input syntax key

Table of contents
1 Getting
started ......................................................................................................................
....................... 1
What is HP BIOS Configuration
Utility? .................................................................................................................. 1 System
requirements ...............................................................................................................................
............. 1
Installation ..............................................................................................................................
............................... 1

2 Command-line
parameters ................................................................................................................
............. 2

3 BIOS
configuration .............................................................................................................
............................ 4
WMI support
required ..................................................................................................................................
.......... 4
Replicated
setup .......................................................................................................................................
............. 4
 Important
notes .................................................................................................................................. 5
Password
management ..........................................................................................................................
............... 6 BCU with HP Sure
Admin .....................................................................................................................................
... 6
Comments ...............................................................................................................................
............................... 8

Appendix A Error
codes ...........................................................................................................................
.......... 9

Appendix B Sample configuration

file ............................................................................................................... 12

Appendix C HP Password Encryption

Utility ...................................................................................................... 18

v
vi
 1 Getting started

What is HP BIOS Configuration Utility?

HP BIOS Configuration Utility (BCU) is a free utility that enables you to do the following:
● Read available BIOS settings and their values from a supported desktop,
workstation, or notebook computer
● Set or reset Setup Password on a supported desktop, workstation, or notebook
computer
● Replicate BIOS settings across multiple client computers
Download the latest version of BCU from http://www.hp.com/go/clientmanagement.

System requirements
Table 1-1 Minimum hardware and software for clients

Windows 7, Windows 8, Windows 8.1, Windows PE (version 4.0.1.1 or later), Windows 10.

NOTE:BIOS setting management is supported under Windows PE 3.x, 4.0, or 5.0. See WMI support required
on page 4.

NOTE:Support of Windows XP and Windows Vista™ has been deprecated in BCU version 4.0.

Installation
Run the BCU SoftPaq to install its contents to the folder <PROGAMFILESDIR>\HP\BIOS
Configuration Utility\, where <PROGAMFILESDIR> is the Program Files folder on the
target system (For example, C:\PROGRAM FILES). The resulting files at the target folder
include:
● BIOSConfigUtility.exe
● BIOSConfigUtility64.exe
● HPQPswd.exe
● HPQPswd64.exe
● BCUsignature32.dll
● BCUsignature64.dll
● Internet shortcut to BIOS Configuration Utility User Guide.pdf

1
 What is HP BIOS Configuration Utility?

2Command-line parameters
Use the following syntax to run BCU:
BIOSConfigUtility.exe <options> —or

—
BIOSConfigUtility64.exe <options>

The valid options are:

Parameter Description

/Get:"filename" Gets the configuration data.

—or— NOTE: If "filename" is empty, BCU writes configuration data to

the output console.
/GetConfig:"filename"

/Set:"filename" Modifies the system BIOS configuration. Accepts only REPSET

formatted files.
—or—
/SetConfig:"filename"

Specifies the current BIOS Setup Password by providing an

/cspwdfile:”filename” encrypted password file. Current password should be provided
when changing BIOS settings or password. Can specify only one
—or— current password file. Use HPQPswd.exe to generate password
file. See Password management on page 6 for additional details
/CurSetupPasswordFile:”filename” on this utility.
—or— NOTE:Requires BCU version 3.0.1.1 or later.
/cpwdfile:”filename” If using a BCU version earlier than 4.0.1.1, use
/cspwdfile:”filename”.
/nspwdfile:”filename” Specifies the new BIOS Setup Password by providing an
encrypted password file. To remove the password, use
—or— /npwdfile:””. Use HPQPswd.exe to generate the password file.
/NewSetupPasswordFile:”filename” See Password management on page 6 for additional details on
this utility.
—or—
NOTE:Clearing the BIOS Setup Password will remove all BIOS
/npwdfile:”filename” Users.

Requires BCU version 3.0.1.1 or later.

If using a BCU version earlier than 4.0.1.1, use

/nspwdfile:”filename”.

/? Displays a help message.

—or—
/Help

/SetDefaults Sets BIOS settings to their default values.

NOTE: /SetDefaults does not change every possible value; also,

it does not change settings on an individual basis.

/verbose When used with /Set, displays details about each setting, such as
success, the reason for failure (warning), or failure code (error).
/WarningAsErr When used with /Set, displays details about each setting. Unlike /verbose

2
 any settings not applied due to warnings cause BCU to return
program error code 13 instead of success.

Chapter 2 Command-line parameters

Parameter Description

NOTE: Requires BCU 3.0.11.1 or later. When both /verbose and

/ WarningAsErr are used, /WarningAsErr will take precedence.

/Unicode Checks platform support for Unicode passwords only. If not

supported, returns error code 32. Use only in batch files; this
command is not compatible with other commands.

NOTE:Requires BCU version 4.0.1.1 or later.

/log Generates the log folder and log file default to the executable
folder.

NOTE:Requires BCU version 4.0.1.1 or later.

/getvalue Gets the value of a given setting without using the config file.

Example: BIOSConfigUtility.exe /getvalue:”Asset Tracking

Number”

NOTE:Requires BCU version 4.0.1.1 or later.

/setvalue Sets the value of a given setting without using the config file.

Example: BIOSCUonfigUtility.exe /setvalue:”Asset

Tracking
Number”,”12345678”

NOTE:Requires BCU version 4.0.1.1 or later.

/ot:value When this value is set to 0, a setting will be rejected if the anti-
replay value specified is less than what is stored by the firmware.

When this value is set to 1 a setting will be rejected if the anti-

reply value specified is less than or equal to what is stored by the
firmware.

Since BCU uses the same anti-replay value for all the settings
made within a file, when it is used with a settings file containing
multiple changes, this value must be set to 0 or only 1 setting will
get applied.
/ar:value Provides AntiReplay value. The firmware compares the anti-replay
value used for each setting with an internal value (initially 0). If
the value provided with the setting is less than (or equal based on
the /ot setting) to what is stored then the setting is rejected. If the
setting is accepted. the firmware updates its internal value with
the value used by the setting. This logic is used to prevent older
settings from being reused for security reasons. A common
method of simplifying the management of this value is to use the
epoch / unix time in UTC as the value. The current values stored
by the BIOS are available in the BIOS settings:
/uid:value Provides the MachineID Universally Unique Identifier (UUID) this is
available in the BIOS setting “Universally Unique Identifier (UUID)”
and can be used to target the setting to a single platform.

Using a value of FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF allows the

settings to be applied on any machine. The default value is
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF.

3
 /pkey:“*.pfx” Specifies the path /filename to the PFX file that contains the
private key to use when signing the settings.

/pkeypwd:value Optional. If the specified PFX file is password protected, this

specifies the password to the PFX file

/addauthstr Generates BCU-AuthString.txt.

NOTE: Includes the unique signature strings required to change

BIOS settings on a system with HP Sure Admin enabled.

4
3BIOS configuration
BCU is a Windows-based tool that lets you create standard configuration settings and
deploy them across the enterprise. By creating a configuration text file with only the
setting you want to change, you can deploy it to all systems in the enterprise. If a
particular system does not support the specified setting, it will be ignored.

WMI support required

BCU requires HP custom WMI namespace and WMI classes (at the namespace root\HP\
InstrumentedBIOS) provided by BIOS. BCU will only support models with a WMI-compliant
BIOS, which are most commercial HP desktops, notebooks, and workstations.
Before running BCU, it is helpful to make sure that the HP BIOS WMI classes are in the
namespace root\HP \InstrumentedBIOS. When using BCU in WinPE, ensure that the WMI
component is added to the boot image using Microsoft® Deployment Image Servicing and
Management (DISM) tool.

Replicated setup
To create, save, and deploy the configuration settings, complete the following procedure:
1. Run the program BIOSConfigUtility.exe using the /GetConfig:config.txt
command-line parameter.
2. Edit the file config.txt. Remove properties that you do not want to change and modify
the other properties.

NOTE: Some properties, such as model and manufacturer, are read-only. Such
properties will be ignored with a warning if specified during /SetConfig.
NOTE: If a property value has not changed in the input configuration file from its
existing value in BIOS, it will be skipped during /SetConfig. It is recommended to
remove such settings during / SetConfig operation.
NOTE: If a property name or value is invalid or does not exist on the client system,
such settings will be ignored with a warning during /SetConfig.

The following config.txt example shows a configuration file that changes some
properties:
BIOSConfig 1.0
;
; Originally created by BIOS Configuration Utility
; Version 4.0.10.1 ; Date="2015-03-20"
Time="14:37:40" UTC="-5"
;
; Found 214 settings

5
 Asset Tracking Number
CORPTAG001ABCDEF
Removable Media Boot
Enable
*Disable Removable
Media Write
Enable
*Disable
Enter Ownership Tag property
of company XYZ
Boot Order
Network Controller
PnP Device#1
Hard Drive (C:)
CD-ROM Drive
IDE CD-ROM Drive Multibay
Device (A: or CD-ROM)
Diskette Drive (A:)
USB device
Cover Lock
Unlock
*Lock

3. Run BIOSConfigUtility.exe with the /SetConfig:config.txt command-line

parameter to apply the settings contained in config.txt.

Important notes
● The /Set and /Get functionality is supported on select commercial desktop, mobile,
and workstation systems. Supported settings vary by model.
● In BCU version 4.0.1.1 and later, the first line of the configuration file must be the
word “BIOSConfig,” followed by the file format version, currently 1.0. For backwards
compatibility, the word “English” is accepted. This keyword is deprecated and support
may be removed in the future. For BCU versions earlier than 4.0.1.1, the first line must
be the word “English.” ● The settings are indented with a tab character.

IMPORTANT:Indenting with space characters will not work.

● There is no space between /command: and the file name.

● Arguments containing spaces must be entered within quotes.

6 Chapter 3 BIOS configuration

 ● For commands that contain two comma-separated arguments, there must not be a
space before or after the comma.

Replicated setup
● Only password changes are guaranteed to take effect immediately and without a
reboot. All other settings might not take effect until after a reboot.
● The exact strings for some boot devices may vary between models. For example, the
network controller for Boot Order was identified with the tag “PNP Device #1” on one
system and “Network Controller” on newer systems. If your environment includes a
mix of systems, then ensure that all known values for a particular boot device are
placed together in the list relative to the next type of boot device. See the previous
example. Devices not found on the system are ignored. See the previous example,
noting that CD-ROM is specified several different ways.
● It is recommended that you do not mix replicated setup changes with software
updates that include BIOS firmware updates. It is a best practice to perform each
operation independently and to restart the system between each operation. This
procedure accommodates cases in which the internal structure of BIOS configuration
setting information changes between BIOS revisions.

Password management
BCU also has the ability to establish, modify, and remove the BIOS setup password. Use
the HP Password Encryption Utility (HPQPswd.exe) to create the password file needed to
specify new or current password. It is available at HP Client Management Solutions website
at http://www.hp.com/go/clientmanagement. See HP Password Encryption Utility on page
18 for password utility usage samples.
Use the following sample command to create a setup password on a system with no
existing password:
BIOSConfigUtility.exe /nspwdfile:"new password.bin"

Use the following sample command to modify the BIOS setup password use:
BIOSConfigUtility.exe /nspwdfile:"new password.bin" /cspwdfile:"current
password.bin"

Use the following sample command to remove the BIOS setup password use:
BIOSConfigUtility.exe /nspwdfile:"" /cspwdfile:"current password.bin"

NOTE: A password change command can be combined with BIOS configuration, in

which case the password is modified before the configuration is applied.
BIOSConfigUtility.exe /set:"configuration.txt" /nspwdfile:"new password.bin"

BCU with HP Sure Admin

HP Sure Admin enables BIOS Enhanced authentication mode (BEAM). This mode allows you
to set up additional steps for authentication.
When a system has HP Sure Admin enabled, BIOS requires an authorization string in order
to allow changes to BIOS settings rather than using a BIOS Admin Password. The

7
 authorization string contains the values specified by the /ot, /ar, and /uid command line
options, as well as a cryptographic signature.

NOTE: To Enable Enhanced BIOS Authentication Mode. Secure Platform Mode must
be in the Provisioned state, and you must use a authorization string either using
beamsetting.txt or /addauthstr to enable or disable.

There are three ways to change settings on a system that has HP Sure Admin enabled.
The following example shows you how to add an authorization string to a config file:
1. Run the following command: BIOSConfigUtility.exe /get:config. To create a copy of
config.txt

2. Open config.txt and make any changes you want to the configuration. 3. Run the following
command: BIOSConfigUtility.exe /set:<config>.txt /ar:0 / ot:0
/pkey:<signing_key>.pfx /addauthstr

NOTE:This command creates a file called BCU-Authstring.txt.

This depends on the anti-replay counter currently stored by the BIOS to be 0 and /ot:0.
To run this command a second time, change the /ar parameter to a larger number.
Refer to the definition of /ar for more details.

4. Run the following command: BIOSConfigUtility.exe /set:BCU-AuthString.txt NOTE:

All changes should now be applied.

The second method of making changes to a system with HP Sure Admin enabled is to use
beamsetting.txt

1. Run the following command: BIOSConfigUtility.exe /get:<config>.txt

2. Open <config>.txt, and make any changes you want to the configuration.

3. Put a file called beamsetting.txt in the root folder with BIOSConfigUtility.exe that includes
the following information:
● HP Beam Mode Setting
● AntiReplayValue=0
● OneTime=0
● TargetID=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
● PrivateKey=<signing_key>.pfx

4. Run the following command: BIOSConfigUtility.exe /set:<config>.txt

NOTE: The TargetID field in beamsetting.txt is the Universally Unique Identifier (UUID) of
the system. If you want the signature strings to only be valid for one system, you can enter the
Universally Unique Identifier (UUID) in this field. To apply the config file to multiple systems,
leave as FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF.

To apply settings directly from the command prompt without BCU-Authstring.txt or beamsetting.txt:

1. Run the following command: BIOSConfigutility.exe /get:<config>.txt

8 Chapter 3 BIOS configuration
2. Open <config>.txt, and make any changes you want to the configuration. 3. Run the
following command: BIOSConfigUtility.exe /set:<config>.txt /ar:0 / ot:0
/pkey:<signing_key>.pfx

BCU with HP Sure Admin

Comments
BCU configuration files support adding comments by using the ‘;’ (semicolon) character.
Any line that begins with‘;’ is treated as a comment. The white space (including tab) in
front of ‘;’ is ignored. The comment does not carry over to the next line.
Example usage of comments:
BIOSConfig 1.0
; This file shows usage of comments in configuration files ; Below is an
example of comments using semicolon at beginning of line
Sunday
; *Disable
; Enable

; Below is an example of comments using semicolon after white space

(includes tab)
Monday
;*Disable
;Enable

; Below is an example where the semicolon is NOT considered as a comment.

Parallel Port
IO=3BC; IRQ=7
IO=378; NOT comment

A Error codes
Table A-1 Error codes

9
 Error code Description Notes

0 Success Operation succeeded.

1 Not Supported WMI result code – Setting is not supported on system.

2 Unknown WMI result code – Operation failed for unknown reason.

3 Timeout WMI result code – Operation timed out.

4 Failed WMI result code – Operation failed.

5 Invalid Parameter WMI result code – A parameter is missing or wrong type.

6 Access Denied WMI result code – Setting modification failed due to BIOS
permissions.

10 Valid password not provided. BCU was unable to find a valid password on the command-
line in the following cases:

● When attempting to change the password, the correct

password was not provided.

● When attempting to change the password, the new

password did not satisfy password requirements for
the platform.

● When attempting to change setting values, the

correct password was not provided.

11 Config file not valid. BCU was unable to locate the configuration file or unable
to read the file at the specified path.

12 First line in config file is not the First line in the configuration file must be the word
keyword “BIOSConfig”. “BIOSConfig” followed by the file format version, currently
“1.0”.

13 Failed to change setting. BCU failed to change one or more settings. Use /verbose
or / WarningAsErr to get status per setting.

14 BCU not ready to write file. Not used.

15 Command-line syntax error. Possible reasons for this error include the following:

● Invalid command-line option specified. Use /? or

/Help for available options.

● Invalid combination of command-line options used.

● Multiple password files were specified. Only one new

or current setup password file can be provided on
command-line.

● No configuration file name was specified with /set.

● No file name was specified with /cspwdfile or

/nspwdfile.

16 Unable to write to file or system. BCU was unable to connect to HP BIOS WMI. WMI classes
are corrupted or the system is not supported. See the
section WMI support required on page 4 for additional
information.

17 Help is invoked. Show usage text.

10Chapter 3 BIOS configuration

 Table A-1 Error codes (continued)
Error code Description Notes

18 Setting is unchanged. This return code is returned by BCU on a per setting basis
when / verbose or /WarningAsErr options are specified.
Settings with this return code are skipped when BCU
attempts to write to BIOS and do not affect BCU return
code.
19 Setting is read-only. This return code is returned by BCU on a per setting basis
when / verbose or /WarningAsErr options are specified.
Settings with this return code are skipped when BCU
attempts to write to BIOS. When / verbose is used, this
return code generates a warning and does not affect the
BCU return code. If /WarningAsErr is used, it results in
BCU error code 13.
20 Invalid setting name. This return code is returned by BCU on a per setting basis
when / verbose or /WarningAsErr options are specified.
Settings with this return code are skipped when BCU
attempts to write to BIOS. When / verbose is used, this
return code generates a warning and does not affect the
BCU return code. If /WarningAsErr is used, it results in
BCU error code 13.
21 Invalid setting value. This return code is returned by BCU on a per setting basis
when / verbose or /WarningAsErr options are specified.
Settings with this return code are skipped when BCU
attempts to write to BIOS. When / verbose is used, this
return code generates a warning and does not affect the
BCU return code. If /WarningAsErr is used, it results in
BCU error code 13.
23 Unable to connect to HP BIOS WMI System not supported. Unable to connect to HP BIOS WMI
namespace. namespace:
root\HP\InstrumentedBIOS. See the section WMI
support required on page 4 for additional information.
24 Unable to connect to HP WMI System not supported. Unable to connect to HP WMI
namespace. namespace: root \HP. See the section WMI support
required on page 4 for additional information.

25 Unable to connect to PUBLIC WMI System not supported. Unable to connect to PUBLIC WMI
namespace. namespace:
root\CIMV2. Ensure that WMI service is enabled and
running.
30 Password file error. Unable to read or decrypt the password file.

31 Password is not F10 compatible. If a platform does not support Unicode passwords, BCU
can set and change the password, but the password will
not function in F10 Setup.
BCU must be used to change or clear it.
32 Platform does not support Unicode Returned when the /Unicode option is used to check for
passwords. support.

33 No settings to apply found in Config Config file contains no settings or they are commented
file. out.
35 Missing parameter. BCU_OneTime_Not_Found.

36 Missing parameter. BCU_AntiReplayValue_Not_Found.

37 Missing parameter. BCU_PrivateKey_Not_Found.

38 Corrupt or missing file. BCU_Unable_LoadDll_BCUsignature.

39 DLL file error. BCU_Unable_GetClass_entry.

40 DLL file error. BCU_Unable_GetClass_Point

11
 41 Invalid UID. Invalid Universal Unique Identifier.
Appendix A Error codes
Table A-1 Error codes (continued)
Error code Description Notes

0x800400 Unexpected WMI error. PFX file does not contain a private key.
02
0x800700 PFX file is protected with a password and no or invalid
Unexpected WMI error.
56 password is provided
0x800920
Unexpected WMI error. Invalid PFX file
09
0x800700
Unexpected WMI error. The system cannot find the file specified
02

12Appendix B Sample configuration file

BSample configuration file
This configuration file shows a partial list of the BIOS settings for an HP ZBook 15:
BIOSConfig 1.0
; ; Originally created by BIOS Configuration Utility
; Version: 4.0.1.1 ; Date="2014-09-17" Time="09:39:33"
UTC="-5"
; ; Found 244 settings
;
Manufacturer
Hewlett-Packard
Product Name
HP ZBook 15
System Board ID
1909
Universal Unique Identifier(UUID)
7FAC190ABD17E411A132884C5F06E0FF
Processor Type
Intel(R) Core(TM) i7-4900MQ CPU
SKU Number
D5H49AV#ABA
Warranty Start Date
00/00/0000
Processor Speed
2.80GHz
Sunday
*Disable
Enable
Monday
*Disable
Enable
Tuesday
*Disable
13
 Enable
Wednesday
*Disable
Enable
Thursday
*Disable
Enable
Friday
*Disable
Enable
Saturday
*Disable
Enable BIOS Power-On Time (hh:mm)
00:00
PCID Version
A3.00
System Configuration ID
A3008DD20303
Define Custom URL

Total Memory Size

16384 MB
Memory Slot 1 Information
Top - Slot 2 (under) Hynix/Hyundai 4096 MB @ 1600 MHz
Memory Slot 2 Information
Bottom-Slot 2(right) Samsung 4096 MB @ 1600 MHz
Memory Slot 3 Information
Top - Slot 1 (top) Hynix/Hyundai 4096 MB @ 1600 MHz Memory Slot 4
Information
Bottom-Slot 1(left) Samsung 4096 MB @ 1600 MHz
Define Customized Boot Option

Enter Feature Byte

3X47676J6S6b7M7Q7U7W7saBaw.BQ
Enter Build ID
14Appendix B Sample configuration file
 13WWAVCW601#SABA#DABA
BIOS Date
06/24/2014
System BIOS Version
L70 Ver. 01.10
Serial Number
CND3220CMX
Video BIOS Revision
Intel(R) GOP Driver [5.0.1028]
Video BIOS Revision 2 nVidia 05/15/14
Keyboard Controller Version
94.51
Ownership Tag

Asset Tracking Number

Primary Battery Serial Number

13577 5/4/2013
Serial port
*Disable
Enable
Thunderbolt port
DisplayPort only
PCIe and DisplayPort
*PCIe and DisplayPort - require user approval for Thunderbolt legacy
devices
Secondary Battery Serial Number
No Battery Present
Parallel port
*Disable
Enable
Flash media reader
Disable
*Enable
USB Port
15
 Disable
*Enable
Express Card Slot
Disable
*Enable
Smart Card
*Disable
Enable
WWAN FCC ID
No Device Present
WLAN FCC ID
PD96235ANH
Bluetooth FCC ID
PD96235ANH
System Board CT
PXXXXA2WV4PYXW
Product Family
103C_5336AN G=D L=BUS B=HP S=ELI eSATA Port
Disable
*Enable
GPS FCC ID
No Device Present
MicroCode Revision
16
Language
*English
Francais
Deutsch
Espanol
Italiano
Dansk
Nederlands
Suomi
Japanese

16Appendix B Sample configuration file

 Norsk
Portugues
Svenska
Simplified Chinese
Traditional Chinese
Custom Logo
*Disable
Enable CD-ROM boot
*Disable
Enable
Fast Boot
Disable
*Enable
Backlit Keyboard Timeout *5 secs.
15 secs.
30 secs.
1 min.
5 mins.
Never
SD Card boot
*Disable
Enable Floppy boot
*Disable
Enable
PXE Internal NTC boot
*Disable
Enable
Legacy Boot Order mSATA Drive Notebook Upgrade Bay
Notebook Hard Drive
USB Floppy
USB CD-ROM
USB Hard Drive
Notebook Ethernet Dock Upgrade Bay eSATA Drive Boot Device 13 ...

17
 CHP Password Encryption Utility
The HP Password Encryption Utility (HPQPswd.exe) accepts a password entered by the
user, encrypts the password, and then stores it in a file for use by the BIOS. This utility
can be used in either command-line mode or GUI mode. To run it in GUI mode, double-
click the executable or run without parameters.
HP recommends using a strong password to protect managed assets.
The following is a sample command to create a password file in silent mode:
HpqPswd.exe /s /p"12345678" /f"sample password.bin"

In this example, /p specifies the password, and /f specifies the name and path of the
encrypted file.

NOTE:Use the /? command to invoke help for additional information on the password
utility.

HPQPswd.exe currently supports a maximum of 32 characters.

18
 Appendix C HP Password Encryption Utility

19