Modern computing devices, such as laptops, smartphones, mobile internet devices (MIDs), and tablets, often carry sensitive personal and professional data. Protection of such data from theft by malicious attack is increasingly important. As malicious attacks become more sophisticated, security is increasingly difficult. In response to those threats, user authentication schemes currently exist at different points in the boot process, such as at the BIOS (Basic Input Output System), PBA (Pre Boot Authentication level), or at the operating system (OS) log-on.
However, even those types of user authentication may be vulnerable to attack in certain circumstances. BIOS-based passwords are known to be insecure—the passwords are stored in memory at a known location and are thus susceptible to being disabled or hacked. Furthermore, BIOS-based passwords are optional and may not be enabled. Additionally, both PBA and OS passwords can be bypassed by changing the boot drive on the computing device or by selecting a boot source other than the hard disk. Moreover, most components of the computing device will be initialized and executing by the time the computing device is ready to accept a user authentication, which may leave the entire system vulnerable to attack.