Abstract: A method for securing BIOS passwords in a server computer under a BIOS user privilege control operation is disclosed. Said method comprises: a BIOS (Basic Input/Output System) of the server computer requesting a BMC (Baseboard Management Controller) to enter a password authentication mode for user privilege authentication; the BMC receiving passwords inputted by a user and comparing the inputted passwords with valid passwords, wherein the valid passwords are stored in the BMC; the BMC deciding an authentication result after the comparing the inputted passwords with the stored valid passwords and saving the authentication result; and the BMC exiting the password authentication mode and notifying the BIOS of the authentication result; wherein the BMC passes fake scan codes of key strings of the inputted passwords to the BIOS, such that the BIOS does not have access to the actual passwords.

Abstract: A method for securing BIOS passwords in a server computer under a BIOS user privilege control operation is disclosed. Said method comprises: a BIOS (Basic Input/Output System) of the server computer requesting a BMC (Baseboard Management Controller) to enter a password authentication mode for user privilege authentication; the BMC receiving passwords inputted by a user and comparing the inputted passwords with valid passwords, wherein the valid passwords are stored in the BMC; the BMC deciding an authentication result after the comparing the inputted passwords with the stored valid passwords and saving the authentication result; and the BMC exiting the password authentication mode and notifying the BIOS of the authentication result; wherein the BMC passes fake scan codes of key strings of the inputted passwords to the BIOS, such that the BIOS does not have access to the actual passwords.