Hello there. This time, I’ll be demonstrating how to unlock an encrypted drive with Parted Magic’s PSID Unlocker, a tool I wrote back in 2019.
The Video
PSID Unlocker GUI – The Writeup
What is a PSID key?
PSID stands for Physical Security Identifier. The idea is that, as the key is printed on the case of the drive, you need to have physical access to the drive to unlock it, improving security.
Why unlock a disk?
Generally, you would want to unlock a disk using the PSID when you are unable to secure erase it. PSID-locked drives cannot be secure erased with the ATA/NVME Secure Erase command.
How do I know if my drive is locked?
The most telltale sign is when you open the Secure Erase GUI, and the disk doesn’t show up as a device available for wiping. It doesn’t show up at all, not even as a “frozen” drive.
How do I unlock my drive?
Simply open the “Erase Disk” menu, and select “PSID Unlocker”. It may take a minute to open and gather device information depending on the speed of your system. Your drive should show up in the list here. Note: The key is case-sensitive – make sure your caps lock is off. The PSID is physically located on the drive, so you may need to copy it down before entering.
Once you’ve got the PSID key, enter it in the field next to your drive and hit Unlock. If successful, it should turn green. If you entered the wrong PSID, or try to unlock a drive that isn’t locked, the field will turn red.
IMPORTANT NOTE: Running this command on certain older drives with buggy firmware may erase ALL DATA on the drive. This is fine if you’re wiping the drive anyway, but you have been warned.
How do I verify that my drive is now unlocked?
If you open the Secure Erase GUI again, it should now show up in the list, and can be erased successfully.
PSID Unlocker GUI – Summary
The PSID GUI turns a unlocking drives, a complicated task involving the command line, into something that can be done easily in a few minutes. After that, you can get on with what you were doing and secure erase the drive without further delay. You can purchase Parted Magic to access this tool on their website (affiliate link - I earn commission for purchases made through this link).
I hope this has been a useful tutorial, and stay tuned for more posts coming soon.
![](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="350" height="200"><rect fill-opacity="0"/></svg>)
Thanks for your great explanation, but could you also tell us how long the unlock lasts? Is it only meant to last as long as the ssd is powered and then auto resettet to locked state? And if not, how to lock the device again?
This permanently unlocks the drive.
Relocking it again can be done as per the instructions at: https://github.com/Drive-Trust-Alliance/sedutil/wiki
Hope this helps,
Hamish
Thank you too for all the work you’ve put into this. I have been refurbishing many laptops to donate to schoolchildren, and a Lenovo T480 I am working on at the moment is the first example of a machine with a disk that has required unlocking. The unlocker worked, but unfortunately the subsequent NVMe Secure Erase failed, so I had to use the dd option instead.
You’re welcome, its always nice to get some feedback. Could I possibly have a quote from that for a testimonial please?
I wonder why the secure erase failed. What error did you get? I’ve had a few isolated reports of this and haven’t been able to find any cause, apart from possibly damaged drives.
Certainly. The laptop now has CloudReady on it in preparation to pass on, so the drive appears to be OK. I looked at the erase log and couldn’t find any clues.
SAMSUNG MZVLB256HAHQ-000L7 (/dev/nvme0n1) SERIAL NUMBER: xxx SIZE: 238.5G RESULTS: Erase Failed
Well, glad it seems okay.
Thanks, I’ll look it up and see if that model is known to have issues – some just don’t secure erase properly due to firmware issues I think.
Do you enter any dashes listed for the SSD’s PSID?
Hi Trevor,
Please don’t insert the dashes – they are not needed and may cause the unlock to fail.
Hamish