Hybrid hard disk drives (HDDs) include one or more rotating magnetic disks combined with non-volatile solid-state memory, such as flash memory. Generally, a hybrid HDD can have both the capacity of a conventional HDD and the ability to access data as quickly as a solid-state drive, and for this reason hybrid HDDs are expected to be commonly used in laptop computers.
Typically, password protection is employed in disk drives and other data storage devices to unlock the disk drive or data storage device and allow access thereto by an authorized user. For better performance, a hybrid HDD can store a copy of suitable drive security data, such as a hashed version of a password and/or drive locked/unlocked status, in the non-volatile solid-state memory portion of the drive. Because a copy of the drive security data is available in non-volatile solid-state memory, initial security measures that occur at start-up of the drive can be performed even before the rotating magnetic disks of the drive have spun up, such as password-protected login. Consequently, an authorized user of the hybrid drive can login to the drive several seconds sooner than is possible for a drive that only stores drive security data on the rotating magnetic disks.
However, when a copy of drive security data for unlocking the drive is stored in two locations in the hybrid drive, i.e., on the magnetic disks and in the non-volatile solid-state memory, the potential for unauthorized access to the drive is increased. For example, an unauthorized user targeting data stored on the magnetic disks of the drive can set an identical drive to power up to a default unlocked state, in which case drive security data stored in the non-volatile solid-state memory indicates that the drive is unlocked upon powering up, and is not password protected. The unauthorized user can then replace the non-volatile solid-state memory of the target drive with the non-volatile solid-state memory of the identical-but-unlocked drive. Upon powering up, the target drive is unlocked, since the target drive now includes a non-volatile solid-state memory storing drive security data indicating that the drive remains unlocked upon powering up. Thus, an unauthorized user can readily access data stored on the magnetic disks of the target hybrid drive. So while hybrid drives can provide improved performance at startup, maintaining security of data in a hybrid drive from unauthorized access can be an issue.