In a server computer, the traditional BIOS User Privilege Control operation runs on a system processor, which uses BIOS to perform user authentications. BIOS User Privilege Control comprises User Privilege and User Authentication. User privilege can be read from Non-volatile random-access memory (NVRAM) or written to NVRAM by BIOS. User Authentication depends on saved User Privilege.
In traditional methods, BIOS reads the valid passwords from an NVRAM and the user inputs the passwords from a keyboard. The passwords may be a single string of a password or a list of passwords. The BIOS compares the inputted passwords with the valid passwords. When the user changes the passwords, the BIOS saves the new passwords and sets the user privilege on the BIOS NVRAM.
Such traditional methods handle the user privilege in an unsecured way due to the lack of anti-spy mechanism or encryption over the network. Any spy software may crack the BIOS passwords and then get power on or administration privileges, such that the hacker may obtain the control privilege of a server computer. In a server group, which uses one global set of passwords for all server computers, if the hacker steals the passwords from a server computer in the server group, he/she can then obtain the control privilege of all of the server computers in the group and steal any data in the whole group.