Supermicro BMC/IPMI Password Policy

Supermicro® recently announced that it will begin implementing a new security feature for the BMC firmware stack on all new X10, X11, H11, H12, and all future-generation products.

Supermicro will no longer use the default password "ADMIN" for new devices or systems. In the near future, it will begin to ship systems with a "Unique Pre-Programmed Password" on every hardware device with a BMC.

This is a very important move to improve the overall security of Supermicro-based systems, and Boston Labs welcomes this announcement. The move also helps those who are not aware that their server has an open BMC port and have not secured it, making compromise much less likely.

The default/unique password will be printed on stickers provided with the system in easy-to-find locations to minimise the impact of the change.

From an administrative perspective, this will make deployment a little more complex as a record of each unique password will need to be to hand to access the BMC. To simplify things for our customers, Boston will be in a position to retrieve default passwords for our provided systems on demand and provide credentials ready to populate scripts in advance of delivery to avoid delay.

More detailed information about how the unique password system will work and which IPMI version enables the function for each product can be found at the following links.

https://www.supermicro.com/en/support/BMC_Unique_Password

https://www.supermicro.com/support/BMC_Unique_Password_Guide.pdf