I was helping a friend replacing the battery and thermal paste on his System 76 laptop. Never own one before but I notice it runs a special BIOS version, Coreboot. It turns out there are Coreboot and Lireboot. .These help to boot really fast though.
Anyway, I notice there are no password BIOS lock like on Lenovo. How would this protect against someone plug a USB in and just wipe my drive? On Lenovo you can set a supervisor / boot passwords, and you can remove USB drives from the boot list.
Maybe from another perspective, BIOS passwords are a weak defense. The BIOS settings storage are powered by a small battery and can be reset by removing the battery. As others have mentioned, protecting the data is the priority and done through encryption. Protecting the device itself is not really possible in most cases anyways.