security – Self Encrypting Disc (SED) enabled SSD password / key requirements

Several SSD manufacturers have released Self Encrypting Disks (SEDs) which use hardware encryption on the disk.

This is OS agnostic, and should generally be faster than software based encryption like LUKS-dmCrypt or Bitlocker etc.

However, I could not clarify if such a disk, and encryption, if used, would always require a password prompt upon reboot.

As I understand it, the password / key for these SEDs is generally stored inside a special ATA password field in BIOS. When OS boots, the disk looks to this password / key and decrypts, and remains decrypted as long as OS is in session. But am not sure whether it prompts the user for a password and does a match upon reboot or decrypts without any intervention..

Currently, I require the disk to not require any password prompt upon system boot, it should take it from the BIOS. I know that if the PC gets stolen, then data is exposed, but at least I want to ensure that disk theft will not cause data exposure.

If this is not possible, that a SED will always ask for a password prompt when OS boots, would it help if the key be placed in a TPM instead, assuming that is possible, not sure if it would make a difference though.