Can you share what platform you are experiencing these issues on?
Password expiration is not defined behavior so I would like to fix this if possible.
On newer platforms in progress we are addressing requests to allow longer passwords, which was a previous request from the community.
I was asked to change the bios password two times since I got my fw13 with Amd 7640u in late November. Once it happened in mid/late December iirc. It expired again in late February (this time the laptop had been powered off for some days because I was away and I left it at home, donât know if this matters). Bios version was 03.03.
That kind of attitude isnât likely going to get the result you want, he trying to help yâknow.
Sorry. I guess Iâll stay away from thisâŚ
7840U FW13 has told me my BIOS password has expired twice now and forced me to change. I havenât gone into the BIOS since a few months ago, but I suspect itâs probably expired again.
My Password has expired several times now. I canât say it exactly but it must expire every several weeksâŚmaybe 4 weeksâŚ
Yes, itâs being discussed and looked into. Additionally.
@Kieran_Levin
would framework also address the bios password issue on the next release of bios?
Yes, that matches the sha256 of the zip file I downloaded
we will investigate this, but this will most likely not make it in to the next AMD bios update, as we are too far along in the release process to update.
Thanks, thatâs good to know! Even if it wonât make it into the next release, itâs great to know that youâre working on this.
I believe you can trigger the password expiration by disconnecting the battery, by the way. If youâre looking for a way to debug this, I mean. As I recall, I was forced to change the password after that.
In my case, it happened with pre-installed 3.03 on 7840U
Refer to [RESPONDED] Complexity rules for BIOS password? Why? (Moved) - #18 by Vlad_Didenko
Do not care for LONGER passwords. Framework should allow users to disable password complexity and expiration enforcement. I want actually to own what I paid for.
I think you may have missed out on one line in @Kieran_Levin 's post.
âPassword expiration is not defined behavior so I would like to fix this if possible.â
He spoke of longer passwords after that.
Getting rid of complexity rules would be a nice thing, too. Although that really is a small concern for me, as long as the rules donât get any worse. At the current level, âpasswordâ becomes âP4ssword.â and weâre done. But I guess dropping the rules shouldnât be hard to do when length and expiration are addressed.
@Kieran_Levin Whatâs important (imo) would be the password-reuse, though! Itâs no good behaviour that the firmware wonât allow me to use a previous password. You can leave a warning in but there are good use cases for reusing a password (e.g. using a stronger, harder to memorize password in critical situations, then reverting to a more relaxed password for secure environments).
(Edit: Thinking about it another time: If you leave the warning in, you need to retain the hash of the more secure password, which is not behavior that Iâd wish for in my threat model considerations.)
Nope, I did not miss anything. My general request stands:
allow disabling all of the password enforcement as a whole
It may be easiest programmatically to return systems to the state of no surprise for users.
FW13 with AMD Ryzen. And the expiration unfortunately does not work reliably when the laptop runs out of power (or rather - it reliably expires when the battery runs out :)) so I would rather have the option to get rid of it. (Or at least clearing the password history, which seems to be three previous passwords.)
Having the same problem. Additionally to the bios admin password I also use bios startup password which makes me select a new password approximately every month, not only when entering bios, but also when just booting normally. I have a few pretty good passwords that also can be adopted to fit 10 characters, but having to come up with a new password every month will either lead to unsecure passwords or people forgetting which modification they did this time or both.
I am running a Framework Laptop 13 (AMD Ryzen 7040 Series), BIOS Firmware Version 3.03
Please allow disabling password complexity and expiry as those just ruin the otherwise smooth FW experience!
Good news, your issue will be resolved next week with the release of a BIOS update
Iâm not so sure about that - there was a bug causing a reset of the bios password on bios update, holding up the bios release, that they fixed, so the release can go out. I donât think they yet changed the behavior to not do time-based expiration.
So hopefully the next bios update after the one expected next-week-ish, probably a few months later.
Wow, I really hope they fix this because I want to buy a FW13 for my son to use for school but the bios password expiration is a dealbreaker. I hope my FW16 bios password doesnât expire too 
Having a bios password is a basic necessary protection in many environments and having the password expire makes it unusable. Iâve never encountered bios password expiration in 25 years of working with laptops & desktops in IT.
We are seeing progress. Thanks.
