Intel
®
Compute Module MFS2600KI TPS System Security
Revision 1.0 27
Intel order number: G51989-002
4. System Security
4.1 BIOS Password Protection
The BIOS uses passwords to prevent unauthorized tampering with the server setup. Passwords
can restrict entry to the BIOS Setup, restrict use of the Boot Popup menu, and suppress
automatic USB device reordering.
There is also an option to require a Power On password entry in order to boot the system. If the
Power On Password function is enabled in Setup, the BIOS will halt early in POST to request a
password before continuing POST.
Both Administrator and User passwords are supported by the BIOS. An Administrator password
must be installed in order to set the User password. The maximum length of a password is
14 characters. A password can have alphanumeric (a-z, A-Z, 0-9) characters and it is case
sensitive. Certain special characters are also allowed, from the following set:
! @ # $ % ^ & * ( ) - _ + = ?
The Administrator and User passwords must be different from each other. An error message will
be displayed if there is an attempt to enter the same password for one as for the other.
The use of “Strong Passwords” is encouraged, but not required. In order to meet the criteria for
a “Strong Password”, the password entered must be at least 8 characters in length, and must
include at least one each of alphabetic, numeric, and special characters. If a “weak” password is
entered, a popup warning message will be displayed, although the weak password will
be accepted.
Once set, a password can be cleared by changing it to a null string. This requires the
Administrator password, and must be done through BIOS Setup or other explicit means of
changing the passwords. Clearing the Administrator password will also clear the
User password.
Alternatively, the passwords can be cleared by using the Password Clear jumper if necessary.
Resetting the BIOS configuration settings to default values (by any method) has no effect on the
Administrator and User passwords.
Entering the User password allows the user to modify only the System Time and System Date in
the Setup Main screen. Other setup fields can be modified only if the Administrator password
has been entered. If any password is set, a password is required to enter the BIOS setup.
The Administrator has control over all fields in the BIOS setup, including the ability to clear the
User password and the Administrator password.
It is strongly recommended that at least an Administrator Password be set, since not having set
a password gives everyone who boots the system the equivalent of Administrative access.
Unless an Administrator password is installed, any User can go into Setup and change BIOS
settings at will.
In addition to restricting access to most Setup fields to viewing only when a User password is
entered, defining a User password imposes restrictions on booting the system. In order to
simply boot in the defined boot order, no password is required. However, the F6 Boot popup