Move away from default password
Stewart Smith
stewart at linux.ibm.com
Fri Jun 21 08:38:28 AEST 2019
Carter Su(苏孝) <suxiao at inspur.com> writes:
> Having a default password is a security risk, but if per BMC has an unique password, it may not very convenient for customer to use.
> Customers will change the default password when they install new
> machinery, or they may creat new account and password for BMC to use.
I think there's a gap between what customers *should* do and what they
*actually* do.
Defaulting to as secure as possible is nice as it somewhat saves people
from themselves.
--
Stewart Smith
OPAL Architect, IBM.
More information about the openbmc
mailing list