Skip to content

HDAT2 - ATA Security Unlock Guide

HDAT2 Overview

HDAT2 is a freeware DOS-based hard drive diagnostic and security tool. Among other things, it can unlock ATA security locked disks by trying vendor master passwords, including built-in defaults for major drive manufacturers.

ATA Security Background

ATA security is a feature built into most hard drives and SSDs. The drive can hold two passwords:

  • User password: set by the user or a BIOS/firmware
  • Master password: set by the manufacturer, used for recovery

When a disk is security locked, it requires the correct password before granting access. This commonly happens when:

  • A laptop BIOS sets a HDD password and the machine fails or is scrapped
  • The BIOS password is lost or forgotten
  • The drive is moved to another machine that does not know the password

The master password is the recovery path. Many manufacturers ship drives with a well-known default master password. For example, Toshiba uses 32 space characters (' ' * 32). HDAT2 ships with a built-in list of these vendor defaults, making it easy to attempt an unlock without knowing the original user password. Unlocking via master password resets the user password and restores normal access.

Data implications

Unlocking with a master password in high security mode may trigger a secure erase of the drive's contents. In maximum security mode, unlocking restores access without erasing. Check your drive's documentation to know which mode is active. When in doubt, assume data may be lost.

Getting HDAT2

Download the latest HDAT2 ISO from the official site: hdat2.com

The ISO contains a minimal DOS environment that boots HDAT2 automatically.

Booting HDAT2

Ventoy is the recommended approach. It works on both classic BIOS and UEFI machines, supports booting the DOS ISO without any extra configuration, and lets you keep multiple ISOs on the same USB drive. Simply copy ISOs into the Ventoy data partition and pick them from the boot menu.

Install Ventoy to a USB drive

Download Ventoy and run the installer for your OS. It creates two partitions: a small Ventoy boot partition and a large data partition.

Install Ventoy to USB (Linux)
sudo sh Ventoy2Disk.sh -i /dev/sdX  # (1)!
  1. Replace /dev/sdX with your USB drive device.

Copy the HDAT2 ISO to the Ventoy data partition

Mount the data partition and copy the ISO into it:

Copy ISO to Ventoy partition
cp hdat2_vXXXX.iso /mnt/ventoy/  # (1)!
  1. Adjust the mount point to wherever the Ventoy data partition is mounted.

Boot the target machine from the Ventoy USB

In the BIOS/UEFI boot menu, select the Ventoy USB. Ventoy presents a menu listing all ISOs on the drive. Select the HDAT2 entry. Ventoy uses MEMDISK or its own compatibility shim to load the DOS environment.

Unlocking the Drive

Once HDAT2 is running, you will see a list of detected drives.

Select the locked drive

Use the arrow keys to highlight the ATA security locked drive. A locked drive is indicated in the drive info panel. Press Enter to open it.

Open the Security menu

Navigate to HDD Security (the exact menu label may vary by HDAT2 version). You will see options including:

  • Unlock (with user password)
  • Unlock (with master password)
  • Disable security
  • Secure erase

Try the built-in master password list

Select Unlock with master password, then choose the option to try the built-in password list. HDAT2 will iterate through known vendor defaults, including:

  • Toshiba: 32 space characters
  • Seagate, Hitachi, Samsung, and others: various vendor defaults

If a password matches, HDAT2 reports success and the drive is unlocked.

Verify and disable security

After a successful unlock, go back to the Security menu and select Disable security (with either the now-reset user password or the master password) to permanently remove the ATA password from the drive. This prevents the drive from being locked again on next boot.

Verifying on Linux

After booting back into a normal system, verify the drive security state:

Check ATA security status
hdparm -I /dev/sdX | grep -A5 Security  # (1)!
  1. Replace /dev/sdX with the target drive.

A healthy, unlocked drive with no security set shows:

Security:
    Master password revision code = 65534
    not supported
    not enabled
    not locked
    not frozen
    not expired: security count
    supported: enhanced erase

The key lines are not enabled, not locked, and not frozen.