Score:0

Server

Why does my Dell server BIOS asks for the BIOS password during a regular reboot?

Csaba Toth

4/26/24, 12:27 AM

I have a Dell PowerEdge T350 server. I enabled TPM and Secure Boot as well. For these I needed to specify a BIOS password (which I would have done anyway). What startles me is that the server keeps asking for a BIOS password at every freakin boot, even when I don't want to enter the BIOS (most of the time I don't want). I expect to be prompted for a BIOS password only asked for when I want to actually enter the BIOS. Not every time.

I don't see right away which BIOS settings control that and I tried various search phrases but I only get to articles which tell me how to set a password in the BIOS. The server itself is pretty "standard": one OS (Windows Server 2022), UEFI BIOS, I haven't changed much in the BIOS besides TMP and Secure Boot, apart from also enabling SGX under the TPM.

Related Dell community forum entry

389

2 + 2

password

dell

bios

dell-poweredge

Jaromanda X

4/26/24, 1:28 AM

what are the available options for secure boot policy and secure boot mode

Csaba Toth

4/26/24, 1:36 AM

@JaromandaX Secure Boot Policy: Standard / Custom. When I switch to custom via iDRAC nothing extra happens on the web GUI (since I'm not physically sitting at the console I don't see the BIOS's help or how it reacts). Secure Boot Mode: User Mode / Audit Mode / Deployed Mode

Score:1

Server

Csaba Toth

4/27/24, 6:58 AM

I'm almost sure that it's gonna be what @DELL-Joey C pointed out in the dell forums: I'm almost certain that I set the system BIOS password, whereas what I want is to set the BIOS setup password - that would be the one which is only prompted if I'd want to enter the BIOS. The system password is prompted all the time.

Now I just have to figure out how to clear the system BIOS password through the iDRAC web GUI. I clear the SHA and the slat fields but they keep popping back after I Apply my changes.

Update: I was not able to clear the system password via iDRAC web. However sitting at the console physically we were able to set the setup password and then clear the system password (without turning of Secure Boot or TPM). Problem solved.

+ 2

Csaba Toth

4/27/24, 6:47 PM

This may not be possible to clear via the iDRAC web. Another thing to figure out: is it even possible to not have a system password when the Secure Boot is turned on. If I recall correctly when I turned Secure Boot on I was forced to specify a password.

Csaba Toth

5/2/24, 12:10 AM

I highlighted the most important keywords (type of passwords)

Score:0

Server

Arrow Root

4/26/24, 5:07 PM

The BIOS password is in fact is a BIOS POST password, the password is stored directly on the BIOS chip. Since it relies on POST and also controls the system initialization, it will asks for password everytime the POST procedure happens. If you want to continue to use this password, you need to input it in order to boot your system.

https://wiki.archlinux.org/title/security#Locking_down_BIOS

https://www.techtarget.com/searchenterprisedesktop/definition/BIOS-password

+ 7

Csaba Toth

4/27/24, 6:59 AM

This is generic and not applicable to my case

Arrow Root

4/27/24, 12:26 PM

It is exaclty your case, you are using a BIOS password, not a BIOS setup password. If you want to continue to use it, you'll be prompted to input password each time the system boots.

Csaba Toth

4/28/24, 3:55 PM

Both the system and the setup passwords are BIOS passwords. You didn't mention system or setup passwords, just quoted some generic stuff I also found with my searches, it didn't help

Arrow Root

5/1/24, 12:20 PM

Do you understand the password you set is stored in a place that relies on the POST proccess? Do you understand that since your password relies on POST, everytime you reboot your system it will ask for the password you set?

Csaba Toth

5/2/24, 12:05 AM

Have you actually read the solution? I think you are in a write-only mode. Please take just 30 seconds to read the marked answer. With that solution the system is now booting without asking for a password (surprise), and only asks for it if I'd want to actually enter the BIOS. The BIOS does not always have to ask for a password, it depends on the BIOS type and which password you set exactly.

Csaba Toth

5/2/24, 12:10 AM

I highlighted the keywords which led me to the answer.

Arrow Root

5/2/24, 12:02 PM

I didn't figured out that answer is a solution, because it isn't marked as one so I just didn't read. My bad. I'm happy you was able to solve it.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Why does my Dell server BIOS asks for the BIOS password during a regular reboot?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.