Many security features have been introduced for use in electronic devices such as computer systems. Examples of security features include pre-boot authentication, theft deterrent and drive encryption to name just a few examples. The usage of security tokens such as fingerprint sensors, trusted platform modules (TPM) and smart cards is also gaining popularity. These features greatly enhance the security of electronic devices.
However, this increased security sometimes presents problems for authorized service personnel as well as the platform owner. In particular, authorized service personnel may be called upon to perform system management functions that security features have been designed to guard against. For example, an authorized service person may need to flash a system memory device that contains the system basic input-output (BIOS) system to replace corrupted program information. Flashing the BIOS may, however, require a security credential that is no longer available. Security credentials may become unavailable for a number of reasons. A user may forget or maliciously reset a system password. An employee whose fingerprint is needed to access a computer may quit a company or be otherwise unable or unwilling to provide the necessary authentication. In such cases, the rightful platform owner (the enterprise that owns the computer) may be blocked from access to the computer.
As another example, an authorized user may desire to reset a component of an electronic device that has become disabled as a result of a security feature. The component may be disabled as a security measure if, for example, the system experiences an excess number of bad authentication attempts. In addition, a system security device such as a fingerprint reader or TPM may be broken and need to be replaced with new hardware. If an authorized service person does not have access to required security credentials or a system component has become broken or disabled, the authorized person (using authorized person for both authorized service person and platform owner) may be unable to perform a system management function to place the system or component in working order. Moreover, the inability of an authorized user to perform needed management functions may render an otherwise valuable computer system permanently inoperative.