Home » Tips & Tricks » How to Configure Surface Laptop 3 UEFI/BIOS Settings

How to Configure Surface Laptop 3 UEFI/BIOS Settings

In this article, you will find out how to enter the Surface Laptop 3 UEFI/BIOS settings and how to manage device boot order, devices, security and more.

BY Evan Forrest Last updated Apr 30, 2021

UEFI or Unified Extensible Firmware Interface is a new motherboard firmware standard that allows your PC boot faster and has more security features. Starting with Surface Pro 4, Microsoft has created its own Surface UEFI for using with its future devices. This new Surface UEFI is currently used on newer devices including Surface Go, Surface Pro, Surface Laptop, Surface Book and Surface Studio.

In this article, you will find out how to get to the Surface Laptop 3 UEFI settings. You will see also how to configure the UEFI settings to improve the device security, check your device information and more.

How to access Surface Laptop 3 UEFI settings?
How to Check Your Surface Laptop 3 Device Information via UEFI settings?
How to Configure Device Boot Order on the new Surface Laptop 3?
How to Manage Device Components on Surface Laptop 3?
How to change your Surface Laptop 3 Date and Time via Surface UEFI?
How to Protect UEFI settings with a password on Surface Laptop 3?
What is Secure Boot Control?
What is the Trusted Platform Module (TPM)?

1 How to access Surface Laptop 3 UEFI settings?

You can enter the Surface Laptop 3 UEFI setup screen only while your device is starting up. Here is how you do that:

Shut down your Surface Laptop 3.
Press and hold the Volume Up (F4) key on your Surface, then press and release the Power Key next to the Del key.
When you see the Surface logo appear, release the Volume Up button. The Surface UEFI screen will appear in a few seconds.

After you have made any changes to the UEFI settings, you can restart your Surface by:

In Surface UEFI menu, choose Exit, and click on Restart Now

2 How to Check Your Surface Laptop 3 Device Information via UEFI settings?

The first displayed page when you enter UEFI settings is the PC information page. On the page, you can find out more information about your device identities such as Model, System UUID (Universally Unique Identifier), Serial Number, and Asset Tag. Moreover, it also displays all important system other components version that you might need for troubleshooting.

3 How to Configure Device Boot Order on the new Surface Laptop 3?

To change the alternate system boot order on your Surface Laptop 3:

Enter Surface UEFI settings as the instructions above.
In Surface UEFI menu, go to the Boot Configuration page as below:

On the “Configure boot device order” page, you can:

Rearrange boot order by drag and drop any boot option available on the list.
Enable or disable any boot option by using the checkbox
Remove available boot options permanently by using the trash button.

Note if you accidentally delete Windows Boot Manager from your Master Boot Record, simply restart your Surface and Windows Boot Manager will reinstall automatically.

4 How to Manage Device Components on Surface Laptop 3?

Surface Laptop 3 allows you to disable some of your surface device components and features to meet your specific security requirements. You can enable or disable those components by:

Access Surface UEFI settings as the instructions above.
In Surface UEFI menu, go to Devices and you will see the following options:
In my Surface Laptop 3 with System UEFI version 6.22.140, you can choose to enable or disable the following device’s components or ports:
1. Docking USB Port
2. All Cameras (Front Camera and IR Camera)
3. On-board Audio
4. Wi-Fi & Bluetooth
5. Bluetooth

5 How to change your Surface Laptop 3 Date and Time via Surface UEFI?

The new Surface UEFI now allows you to set your Surface Laptop 3’s date and time right on the UEFI settings page. To check or set date and time for your Surface Laptop 3:

Enter Surface UEFI settings as the instructions above.
In Surface UEFI menu, go to Date and Time page as below:
To set a new date and time, select the edit box and type your new date and time.
Press Enter to apply changes.

6 How to Protect UEFI settings with a password on Surface Laptop 3?

You can prevent others from changing your UEFI settings by setting an Administrator Password in UEFI settings. To do that:

Enter Surface UEFI settings as the instructions above.
Go to the Security section as below:
To set UEFI password, click on Add or Change button and you will see the following requirements:

You will need to enter a password in the box with your keyboard or the on-screen keyboard with the following criteria:
- Minimum Length: 6 characters
- Maximum Length: 128 characters
- May contain a combination of letters, numbers, and special characters.
In case you have already set the password before and you want to remove it, simply leave the password box as blank.

Note If you enter the administrator password incorrectly three times, you’ll be locked out of the UEFI. Restart your Surface to enter the password again.

Important If you set a password for the UEFI, record it in a safe place. If you forget the password, you won’t be able to access the UEFI settings. You can only reset the administrator password from within the UEFI.

7 What is Secure Boot Control?

The Secure Boot is a technology that blocks the loading of uncertified bootloaders and drives. It helps to prevent your Surface from being loaded with unauthorized operating systems and malicious software applications.

If you desire to install other operating systems like Ubuntu, or other Linux distributions, you may need to disable this feature in the UEFI settings above.

8 What is the Trusted Platform Module (TPM)?

The Trusted Platform Module (TPM) is a technology that provides a major advancement over BIOS in hardware-based security features. It is a specialized chip that stores RSA encryption keys specific to each Surface device for hardware authentication.

TPM technology is a requirement of BitLocker disk encryption. The TPM helps you to encrypt/decrypt the entire disk without required your complex long passphrases. It means that the encryption key and decryption key are stored within the TPM chip. So your encrypted disks can’t be accessed on other devices.

Other Surface’s UEFI Settings

We have also covered this topic for other Surface PCs as well, to learn more about other Surface’s UEFI settings check the link below:

Ultimate Tips and Tricks for Mastering Microsoft Surface Laptop 3

Related Topics BIOSSurface LaptopSurface Laptop 3UEFI

Evan Forrest

Evan Forrest is Editor-in-Chief of Surface Tip, researching and writing articles about Surface-related news, tips, and accessories. He has been using Surface devices since the first release of the original Surface Pro. He is currently using a Surface Laptop 3 as a full-time daily-driver machine. Besides that, he also owns multiple Surface devices including Surface RT, Surface 3, Surface Go/Go 2, Surface Pro 3, Surface Book, and a bunch of Surface accessories to help in research and writing articles.

COMMENTS

Let us know what you think!

We appreciate hearing your thoughts, questions, and ideas about “How to Configure Surface Laptop 3 UEFI/BIOS Settings”.

Dan says:

September 7, 2020 at 4:14 am

On my device Volume Up is on F4. F6 is not working as described in that case.

Reply
Zaki says:

January 29, 2022 at 5:09 pm

I have surface laptop 3 and its SSD drive was not working (showing only surface logo and stuck on that) and when try to install thru windows 10 USB it shows the disk but no option to select.
HDD replace windows installed its working fine, but when shut down and press power button after one hour it shows surace logo then off and keep on repeating it and after 10 to 15 attempts it start and works fine, Restart work fine and even if shut down and withing 5 to 10 min Start button pressed, it works fine, but only after some time it gave issue with start up.
Any one have any cluse wts the issue or any one have idea how to upgrade BIOS, its 9.106.140, 4/30/2021

Reply