CN111339525B - BIOS (basic input output System) starting password setting method, system and device - Google Patents
BIOS (basic input output System) starting password setting method, system and device Download PDFInfo
- Publication number
- CN111339525B CN111339525B CN202010130106.9A CN202010130106A CN111339525B CN 111339525 B CN111339525 B CN 111339525B CN 202010130106 A CN202010130106 A CN 202010130106A CN 111339525 B CN111339525 B CN 111339525B
- Authority
- CN
- China
- Prior art keywords
- password
- user
- user password
- memory
- bios
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 94
- 230000008569 process Effects 0.000 claims abstract description 49
- 230000001360 synchronised effect Effects 0.000 claims description 19
- 238000010200 validation analysis Methods 0.000 claims description 7
- 238000004590 computer program Methods 0.000 claims description 6
- 238000001514 detection method Methods 0.000 claims description 5
- 230000007246 mechanism Effects 0.000 claims description 4
- 230000009286 beneficial effect Effects 0.000 abstract description 2
- 230000009471 action Effects 0.000 description 3
- 230000003993 interaction Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 230000032683 aging Effects 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Automation & Control Theory (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses a setting method of a BIOS starting password, which comprises the steps of setting a user password and the effective time length of the user password, and storing the user password in a first memory of the BIOS; when the set time of the user password reaches the effective time, clearing the password storage area in the first memory; judging whether a password storage area in a first memory is empty or not in the process of initializing the starting BIOS of the server; if not, prompting to use a user password to start up; and if the password is null, determining that the user password is invalid. Therefore, the method and the device have a certain time requirement on the authority of the user for operating the machine, namely the authority of the user for operating the machine is invalid after a certain time, so that the safety of the server and the data thereof is improved. The invention also discloses a system and a device for setting the BIOS starting-up password, and the setting method has the same beneficial effects.
Description
Technical Field
The present invention relates to the field of server security, and in particular, to a method, a system, and an apparatus for setting a BIOS boot password.
Background
With the development of computer technology, the security problem of the server is more and more emphasized. At present, a server usually embeds a plurality of security policies in the use of a Basic Input Output System (BIOS) which is a key component having functions of hardware boot detection, external hardware loading, OS (Operating System) booting, and the like, for example, setting a BIOS boot password during the boot process of the server.
In the prior art, the process of setting the BIOS boot password includes: the method comprises the steps that a set BIOS starting password is stored in a storage position appointed by a server in advance; and prompting a user to input a BIOS starting password in the process of initializing the server starting BIOS, and if the BIOS starting password input by the user is consistent with the prestored BIOS starting password, normally starting the server to enter the OS. Therefore, the user can operate the server for a long time as long as remembering the BIOS starting password, which brings great potential safety hazard to the operation safety of the server.
Therefore, how to provide a solution to the above technical problem is a problem that needs to be solved by those skilled in the art.
Disclosure of Invention
The invention aims to provide a method, a system and a device for setting a BIOS starting password, which have a certain time requirement on the authority of a user for operating a machine, namely the authority of the user is invalid after a certain time, thereby improving the safety of a server and data thereof.
In order to solve the above technical problem, the present invention provides a method for setting a BIOS boot password, comprising:
setting a user password and the effective time length of the user password, and storing the user password in a first memory of a BIOS (basic input output System) on a server;
when the set time length of the user password reaches the effective time length, clearing a password storage area in the first memory;
judging whether a password storage area in the first memory is empty or not in the process of initializing the starting BIOS of the server;
if not, prompting to use the user password to start up;
and if so, determining that the user password is invalid.
Preferably, the setting method further comprises:
storing the user password in a second memory of the BMC while storing the user password in the first memory, and setting a preset synchronous flag position as a non-clear position;
when the set time length of the user password reaches the effective time length, clearing the password storage area in the second memory, and setting the position of the synchronous mark as a clear space;
correspondingly, the process of clearing the password storage area in the first memory when the set duration of the user password reaches the effective duration includes:
in the BIOS post process, detecting whether the synchronous flag bit is a clear bit;
if so, clearing the password storage area in the first memory;
if not, synchronizing the password storage area in the second memory to the password storage area in the first memory.
Preferably, the process of determining that the set time length of the user password reaches the effective time length includes:
and when the user password and the effective duration are set, starting countdown according to the effective duration by using a watchdog mechanism in the BMC, and when the countdown is finished, determining that the set duration of the user password reaches the effective duration.
Preferably, the process of determining that the set time length of the user password reaches the effective time length includes:
acquiring initial time for setting the user password from an RTC in the server while setting the user password and the effective duration;
obtaining the failure time of the user password according to the initial time and the effective duration;
and when the time acquired from the RTC is the expiration time, determining that the set time of the user password reaches the effective time.
Preferably, the setting method further comprises:
after the password storage area in the first memory is emptied, recording password failure information of the first memory in a system log.
Preferably, the process of setting the user password and the effective time length of the user password includes:
setting multistage user passwords and the one-to-one corresponding effective time lengths of the multistage user passwords; the higher the priority is, the shorter the effective time length corresponding to the user password is;
correspondingly, when the set time length of the user password reaches the effective time length, clearing the password storage area in the first memory; judging whether a password storage area in the first memory is empty or not in the process of initializing the starting BIOS of the server; if not, prompting to use the user password to start up; if yes, determining the process of the user password invalidation, wherein the process comprises the following steps:
when the set time length of the target user password reaches the corresponding effective time length, emptying the target user password stored in the first memory; wherein the target user password is the user password of any level;
in the process of initializing the starting BIOS of the server, sequentially judging whether a password storage area corresponding to the user password in the first memory is empty or not according to the priority of the user password;
if not, prompting to use the user password with the highest priority in the user passwords which are not emptied to start the computer;
and if the passwords are null, determining that all the user passwords are invalid.
Preferably, the setting method further comprises:
and prompting the administrator to use the password to start up after determining that all the user passwords are invalid.
In order to solve the above technical problem, the present invention further provides a BIOS boot password setting system, including:
the setting module is used for setting a user password and the effective time length of the user password and storing the user password in a first memory of a BIOS (basic input output System) on a server;
an emptying module, configured to empty the password storage area in the first memory when the set duration of the user password reaches the effective duration;
the judging module is used for judging whether a password storage area in the first memory is empty or not in the process of initializing the starting BIOS of the server; if not, executing a prompt module; if yes, executing a determining module;
the prompting module is used for prompting the user to start up by using the user password;
and the determining module is used for determining that the user password is invalid.
Preferably, the setting module is specifically configured to set a multi-level user password and an effective time length corresponding to the multi-level user password one to one, and store all the multi-level user passwords in a first memory of a BIOS on a server; the higher the priority is, the shorter the effective time length corresponding to the user password is;
correspondingly, the emptying module is specifically configured to empty the target user password stored in the first memory when the set duration of the target user password reaches the corresponding effective duration; wherein the target user password is the user password of any level;
the judging module is specifically used for sequentially judging whether a password storage area corresponding to the user password in the first memory is empty or not according to the priority of the user password in the process of initializing the server startup BIOS; if not, executing a prompt module; if the number of the detection modules is empty, executing a determining module;
the prompting module is specifically used for prompting the user password with the highest priority in the user passwords which are not emptied to start up;
the determining module is specifically configured to determine that all user passwords are invalid.
In order to solve the above technical problem, the present invention further provides a device for setting a BIOS boot password, including:
a memory for storing a computer program;
and the processor is used for realizing the steps of any one of the BIOS boot password setting methods when executing the computer program.
The invention provides a setting method of a BIOS starting password, which comprises the steps of setting a user password and the effective time length of the user password, and storing the user password in a first memory of the BIOS; when the set time of the user password reaches the effective time, clearing the password storage area in the first memory; judging whether a password storage area in a first memory is empty or not in the process of initializing the starting BIOS of the server; if not, prompting to use a user password to start up; and if the password is null, determining that the user password is invalid. Therefore, the method and the device have a certain time requirement on the authority of the user for operating the machine, namely the authority of the user for operating the machine is invalid after a certain time, so that the safety of the server and the data thereof is improved.
The invention also provides a system and a device for setting the BIOS starting-up password, and the setting method has the same beneficial effects.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed in the prior art and the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
Fig. 1 is a flowchart of a method for setting a BIOS boot password according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a system for setting a BIOS boot password according to an embodiment of the present invention.
Detailed Description
The core of the invention is to provide a method, a system and a device for setting a BIOS starting password, which have a certain time requirement on the authority of a user for operating a machine, namely the authority of the user for operating the machine is invalid after a certain time, thereby improving the safety of a server and data thereof.
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, fig. 1 is a flowchart illustrating a method for setting a BIOS boot password according to an embodiment of the present invention.
The setting method comprises the following steps:
step S1: and setting the user password and the effective time length of the user password, and storing the user password in a first memory of a BIOS (basic input output system) on the server.
Specifically, considering that the existing BIOS boot password has no aging policy, once the BIOS boot password is set, the user can boot the operating machine through the password for a long time, which brings a great security risk to the use of the server, so the application sets the effective time length for the user password while setting the user password, that is, the time length for the user password to be effectively used by the user, that is, once the user password is expired, the user cannot boot the operating machine through the user password, thereby reducing the security risk of the server in use.
Meanwhile, the user password is also saved in a first Memory (Non-Volatile random access Memory (NVRAM)) of the BIOS on the server, so as to detect whether the password is used effectively when the server is powered on and the BIOS is initialized.
Step S2: and when the set time length of the user password reaches the effective time length, emptying the password storage area in the first memory.
Specifically, the validity period of the user password is: after a period of time that the time length is equal to the effective time length from the time of setting the user password, the user password is invalid, that is, when the set time length of the user password reaches the effective time length, the user password is invalid, and at this time, the user password stored in the first memory of the BIOS (the region in which the user password is stored is called a password storage region) needs to be cleared, so as to detect whether the password is invalid for use when the server is started up and initialized subsequently.
Step S3: judging whether a password storage area in a first memory is empty or not in the process of initializing the starting BIOS of the server; if not, go to step S4; if yes, go to step S5. Step S4: prompting to use the user password to start up. Step S5: determining that the user password is invalid.
Specifically, it is considered that when the user password is valid, the user password is stored in the password storage area in the first memory of the BIOS; when the user password is invalid, clearing a password storage area in a first memory of the BIOS; therefore, in the process of initializing the server startup BIOS, the method can judge whether the user password is invalid or not by detecting whether the password storage area in the first memory of the BIOS is empty or not, specifically, when the password storage area in the first memory of the BIOS is not empty, the user password is determined to be valid, and at the moment, the user can be prompted to use the user password to start up on a human-computer interaction interface of the server; when the password storage area in the first memory of the BIOS is detected to be empty, the password of the user is determined to be invalid, and the user cannot successfully start the computer to enter the operation in a mode of inputting the password of the user, so that the safety of the server and the data of the server is improved.
The invention provides a setting method of a BIOS starting password, which comprises the steps of setting a user password and the effective time length of the user password, and storing the user password in a first memory of the BIOS; when the set time of the user password reaches the effective time, clearing the password storage area in the first memory; judging whether a password storage area in a first memory is empty or not in the process of initializing the starting BIOS of the server; if not, prompting to use a user password to start up; and if the password is null, determining that the user password is invalid. Therefore, the method and the device have a certain time requirement on the authority of the user for operating the machine, namely the authority of the user for operating the machine is invalid after a certain time, so that the safety of the server and the data thereof is improved.
On the basis of the above-described embodiment:
as an optional embodiment, the setting method further includes:
storing the user password in a second memory of the BMC while storing the user password in the first memory, and setting a preset synchronous flag position as a non-clear position;
when the set time length of the user password reaches the effective time length, clearing a password storage area in the second memory, and setting the position of the synchronous mark as a clear space;
correspondingly, when the set duration of the user password reaches the effective duration, the process of clearing the password storage area in the first memory includes:
in the BIOS post process, detecting whether the synchronous flag bit is a clear bit;
if so, clearing the password storage area in the first memory;
if not, the password storage area in the second memory is synchronized to the password storage area in the first memory.
Further, considering that the first memory of the BIOS is emptied in a process of upgrading the BIOS and restarting the server by using a BMC (Baseboard Management Controller), and at this time, if the set time of the user password does not reach the effective time, the user password stored in the first memory of the BIOS is not required to be restored to prevent a subsequent user from normally booting, the following technical means are adopted to restore the user password stored in the first memory of the BIOS in the present application:
the user password is saved in a second Memory (Static random access Memory (SRAM)) of the BMC while the user password is saved in the first Memory of the BIOS, and the synchronization flag position set in advance is set to a non-clear position, for example, a non-clear position is represented by "1". When the set time length of the user password reaches the effective time length, the user password stored in the second memory of the BMC is cleared, and the position of the synchronous mark is the clear position, for example, the clear position is represented by '0'. If the synchronous flag bit is in the non-clear bit, the set time of the user password does not reach the effective time; if the synchronous flag bit is in the clear bit position, the set time length of the user password reaches the effective time length. Based on this, in a BIOS post process (a hardware startup detection process, which is before the step of judging whether the password storage area in the first memory is empty), the method detects whether the synchronous flag bit is an empty bit, and if the synchronous flag bit is the empty bit, which indicates that the set time of the user password reaches the effective time, the password storage area in the first memory is emptied; if the password is not set to the clear position, the set time of the user password does not reach the effective time, the password storage area in the second memory of the BMC is synchronized to the password storage area in the first memory of the BIOS, so that the first memory of the BIOS recovers the user password stored in the first memory of the BIOS, and the normal starting operation of a subsequent user is ensured.
As an alternative embodiment, the process of determining that the set time of the user password reaches the effective time includes:
and when the user password and the effective time length are set, starting countdown according to the effective time length by using a watchdog mechanism in the BMC, and when the countdown is finished, determining that the set time length of the user password reaches the effective time length.
Specifically, the cipher timing policy of the present application may be: starting to set the user password, starting to count down according to the effective time by using a watchdog mechanism in the BMC, if the effective time is 5 hours, starting to count down for 5 hours from the time when the user password is set, and when the counting down is finished, determining that the set time of the user password reaches the effective time, and the user password is invalid.
As an alternative embodiment, the process of determining that the set time of the user password reaches the effective time includes:
the method comprises the steps that when a user password and effective duration are set, initial time for setting the user password is obtained from an RTC in a server;
obtaining the failure time of the user password according to the initial time and the effective time;
and when the time acquired from the RTC is the expiration time, determining that the set time of the user password reaches the effective time.
Specifically, the cipher timing policy of the present application may also be: when the user password is set, the initial Time for setting the user password is acquired from an RTC (Real-Time Clock) in the server, and then the expiration Time of the user password is equal to the initial Time of the user password plus the effective Time of the user password.
As an optional embodiment, the setting method further includes:
after the password storage area in the first memory is emptied, password failure information of the first memory is recorded in a system log.
Furthermore, after the password storage area in the first memory of the BIOS is emptied, password failure information of the first memory of the BIOS is recorded in a system log for a user to check, so that the user can know that the password is failed.
As an alternative embodiment, the process of setting the user password and the effective time length of the user password includes:
setting the multi-level user password and the one-to-one corresponding effective time length of the multi-level user password; the higher the priority is, the shorter the effective time length corresponding to the user password is;
correspondingly, when the set time of the user password reaches the effective time, clearing the password storage area in the first memory; judging whether a password storage area in a first memory is empty or not in the process of initializing the starting BIOS of the server; if not, prompting to use a user password to start up; if yes, determining the process of user password invalidation, wherein the process comprises the following steps:
when the set time length of the target user password reaches the corresponding effective time length, emptying the target user password stored in the first memory; the target user password is a user password of any level;
in the process of initializing the starting BIOS of the server, sequentially judging whether a password storage area corresponding to a user password in a first storage is empty or not according to the priority of the user password;
if not, prompting to use the user password with the highest priority in the user passwords which are not emptied to start the computer;
and if the passwords are null, determining that all the user passwords are invalid.
Specifically, the application can allocate different operation durations to different users, and specifically, the more the operation durations, the more the user passwords with higher effective durations are known. Based on this, the method and the device set the validation durations corresponding to the multi-level user passwords one to one, specifically, the validation durations corresponding to the user passwords with higher priorities (which refer to the user passwords which are preferentially prompted to be used when the server is powered on) are shorter. When the set time length of a certain level of user password reaches the corresponding effective time length, the user password stored in the first memory of the BIOS is emptied. In the process of initializing the server startup BIOS, sequentially judging whether a password storage area corresponding to a user password in a first memory of the BIOS is empty or not according to the priority of the user password, prompting to use the user password (the user password is the user password with the highest priority in the user passwords which are not emptied) to start up when judging that the password storage area corresponding to the user password is not empty for the first time, specifically, different user names can be configured for different user passwords one by one, and prompting to use the user password to start up, namely displaying the user name corresponding to the user password on a man-machine interaction interface of the server so that a user can input the corresponding password; and when the password storage areas corresponding to all the user passwords are empty, determining that all the user passwords are invalid.
It can be seen that the more users are informed of the user password with the higher effective time duration, the longer the operable time of the user password to the server is, so that the operation time duration can be reasonably distributed for different users.
As an optional embodiment, the setting method further includes:
and prompting the administrator to use the password to start up after determining that all the user passwords are invalid.
Furthermore, after all the user passwords are determined to be invalid, the user is automatically prompted to start up by using the administrator password on a human-computer interaction interface of the server, the administrator password is kept by an administrator with the highest operation authority, and the ordinary user does not know the administrator password, so that only the administrator can start up to operate at the moment, and the security is high.
Referring to fig. 2, fig. 2 is a schematic structural diagram of a BIOS boot password setting system according to an embodiment of the present invention.
The setting system of the BIOS boot password comprises:
the setting module 1 is used for setting a user password and the effective time length of the user password and storing the user password in a first memory of a BIOS (basic input output System) on a server;
the clearing module 2 is used for clearing the password storage area in the first memory when the set duration of the user password reaches the effective duration;
the judging module 3 is used for judging whether a password storage area in the first memory is empty or not in the process of initializing the startup BIOS of the server; if not, executing a prompt module 4; if yes, executing a determining module 5;
the prompting module 4 is used for prompting the user to start up by using a user password;
and the determining module 5 is used for determining that the user password is invalid.
As an optional embodiment, the setting module 1 is specifically configured to set the multi-level user passwords and the validation durations corresponding to the multi-level user passwords one to one, and store all the multi-level user passwords in a first memory of a BIOS on a server; the higher the priority is, the shorter the effective time length corresponding to the user password is;
correspondingly, the clearing module 2 is specifically configured to clear the target user password stored in the first memory when the set duration of the target user password reaches the corresponding effective duration; the target user password is any level of user password;
the judging module 3 is specifically configured to, in the process of initializing the server startup BIOS, sequentially judge whether a password storage area corresponding to the user password in the first memory is empty according to the priority of the user password; if not, executing a prompt module 4; if the number of the detection signals is empty, executing a determining module 5;
the prompting module 4 is specifically used for prompting the user password with the highest priority in the user passwords which are not emptied to be used for starting up;
the determining module 5 is specifically configured to determine that all the user passwords are invalid.
For introduction of the setting system provided in the present application, please refer to the above-mentioned embodiment of the setting method, which is not described herein again.
The application also provides a setting device of the BIOS boot password, which comprises:
a memory for storing a computer program;
and the processor is used for realizing the steps of any one of the BIOS boot password setting methods when executing the computer program.
For the introduction of the setting device provided in the present application, please refer to the embodiment of the setting method, which is not described herein again.
It is further noted that, in the present specification, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (9)
1. A BIOS boot password setting method is characterized by comprising the following steps:
setting a user password and the effective time length of the user password, and storing the user password in a first memory of a BIOS (basic input output System) on a server;
when the set time length of the user password reaches the effective time length, clearing a password storage area in the first memory;
judging whether a password storage area in the first memory is empty or not in the process of initializing the starting BIOS of the server;
if not, prompting to use the user password to start up;
if so, determining that the user password is invalid;
the setting method further comprises the following steps:
storing the user password in a second memory of the BMC while storing the user password in the first memory, and setting a preset synchronous flag position as a non-clear position;
when the set time length of the user password reaches the effective time length, clearing the password storage area in the second memory, and setting the position of the synchronous mark as a clear space;
correspondingly, the process of clearing the password storage area in the first memory when the set duration of the user password reaches the effective duration includes:
in the BIOS post process, detecting whether the synchronous flag bit is a clear bit;
if so, clearing the password storage area in the first memory;
if not, synchronizing the password storage area in the second memory to the password storage area in the first memory.
2. The method for setting the BIOS boot password of claim 1, wherein the determining that the set time period of the user password reaches the validation time period comprises:
and when the user password and the effective duration are set, starting countdown according to the effective duration by using a watchdog mechanism in the BMC, and when the countdown is finished, determining that the set duration of the user password reaches the effective duration.
3. The method for setting the BIOS boot password of claim 1, wherein the determining that the set time period of the user password reaches the validation time period comprises:
when the user password and the effective duration are set, acquiring initial time for setting the user password from an RTC in the server;
obtaining the failure time of the user password according to the initial time and the effective duration;
and when the time acquired from the RTC is the expiration time, determining that the set time of the user password reaches the effective time.
4. The method for setting the BIOS boot password of claim 1, wherein the method further comprises:
after the password storage area in the first memory is emptied, recording password failure information of the first memory in a system log.
5. The method for setting the BIOS startup password of any one of claims 1 to 4, wherein the process of setting the user password and the validation time of the user password comprises:
setting multistage user passwords and the one-to-one corresponding effective time lengths of the multistage user passwords; the higher the priority is, the shorter the effective time length corresponding to the user password is;
correspondingly, when the set time length of the user password reaches the effective time length, clearing the password storage area in the first memory; judging whether a password storage area in the first memory is empty or not in the process of initializing the startup BIOS of the server; if not, prompting to use the user password to start up; if yes, determining the process of the user password invalidation, wherein the process comprises the following steps:
when the set time length of the target user password reaches the corresponding effective time length, emptying the target user password stored in the first memory; wherein the target user password is the user password of any level;
in the process of initializing the starting BIOS of the server, sequentially judging whether a password storage area corresponding to the user password in the first memory is empty or not according to the priority of the user password;
if not, prompting to use the user password with the highest priority in the user passwords which are not emptied to start the computer;
and if the passwords are null, determining that all the user passwords are invalid.
6. The method for setting the BIOS boot password of claim 5, wherein the method further comprises:
and prompting the administrator to use the password to start up after determining that all the user passwords are invalid.
7. A BIOS boot password setting system is characterized by comprising:
the setting module is used for setting a user password and the effective time length of the user password and storing the user password in a first memory of a BIOS (basic input output System) on a server;
an emptying module, configured to empty the password storage area in the first memory when the set duration of the user password reaches the effective duration;
the judging module is used for judging whether a password storage area in the first memory is empty or not in the process of initializing the starting BIOS of the server; if not, executing a prompt module; if yes, executing a determining module;
the prompting module is used for prompting the user to start up by using the user password;
the determining module is used for determining that the user password is invalid;
the setup system is further to:
storing the user password in a second memory of the BMC while storing the user password in the first memory, and setting a preset synchronous flag position as a non-clear position;
when the set time length of the user password reaches the effective time length, clearing the password storage area in the second memory, and setting the position of the synchronous mark as a clear space;
correspondingly, the emptying module is specifically configured to:
in the BIOS post process, detecting whether the synchronous flag bit is a clear bit;
if so, clearing the password storage area in the first memory;
if not, synchronizing the password storage area in the second memory to the password storage area in the first memory.
8. The BIOS boot password setting system of claim 7, wherein the setting module is specifically configured to set a plurality of user passwords and validation durations corresponding to the plurality of user passwords in a one-to-one manner, and store the plurality of user passwords in a first memory of the BIOS on the server; the higher the priority is, the shorter the effective time length corresponding to the user password is;
correspondingly, the emptying module is specifically configured to empty the target user password stored in the first memory when the set duration of the target user password reaches the corresponding effective duration; the target user password is the user password of any level;
the judging module is specifically used for sequentially judging whether a password storage area corresponding to the user password in the first memory is empty or not according to the priority of the user password in the process of initializing the server startup BIOS; if not, executing a prompt module; if the number of the detection modules is empty, executing a determining module;
the prompting module is specifically used for prompting the user password with the highest priority in the user passwords which are not emptied to start up;
the determining module is specifically configured to determine that all user passwords are invalid.
9. A BIOS boot password setting device is characterized by comprising:
a memory for storing a computer program;
a processor for implementing the steps of the BIOS boot password setting method of any one of claims 1 to 6 when executing the computer program.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010130106.9A CN111339525B (en) | 2020-02-28 | 2020-02-28 | BIOS (basic input output System) starting password setting method, system and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010130106.9A CN111339525B (en) | 2020-02-28 | 2020-02-28 | BIOS (basic input output System) starting password setting method, system and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111339525A CN111339525A (en) | 2020-06-26 |
| CN111339525B true CN111339525B (en) | 2022-06-07 |
Family
ID=71182017
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010130106.9A Active CN111339525B (en) | 2020-02-28 | 2020-02-28 | BIOS (basic input output System) starting password setting method, system and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111339525B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112559004A (en) * | 2020-11-19 | 2021-03-26 | 山东云海国创云计算装备产业创新中心有限公司 | BIOS upgrading method, device, equipment and medium |
| CN114003876B (en) * | 2021-09-28 | 2023-11-03 | 苏州浪潮智能科技有限公司 | Method, device, electronic equipment and medium for accessing BIOS password |
| CN114491547A (en) * | 2021-12-23 | 2022-05-13 | 浪潮(山东)计算机科技有限公司 | Method, device and system for clearing BIOS (basic input output System) password |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108256332A (en) * | 2018-01-17 | 2018-07-06 | 郑州云海信息技术有限公司 | A kind of method of the BIOS startup passwords setting based on IPMI orders |
| CN108959912A (en) * | 2018-06-29 | 2018-12-07 | 郑州云海信息技术有限公司 | A kind of method, device and equipment of BIOS and operating system multiplexing password |
| CN109635561A (en) * | 2019-01-31 | 2019-04-16 | 郑州云海信息技术有限公司 | A kind of method, apparatus that BIOS with BMC password setting is synchronous, terminal and storage medium |
-
2020
- 2020-02-28 CN CN202010130106.9A patent/CN111339525B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108256332A (en) * | 2018-01-17 | 2018-07-06 | 郑州云海信息技术有限公司 | A kind of method of the BIOS startup passwords setting based on IPMI orders |
| CN108959912A (en) * | 2018-06-29 | 2018-12-07 | 郑州云海信息技术有限公司 | A kind of method, device and equipment of BIOS and operating system multiplexing password |
| CN109635561A (en) * | 2019-01-31 | 2019-04-16 | 郑州云海信息技术有限公司 | A kind of method, apparatus that BIOS with BMC password setting is synchronous, terminal and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111339525A (en) | 2020-06-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111339525B (en) | BIOS (basic input output System) starting password setting method, system and device | |
| US8006241B2 (en) | Automatic software installation and cleanup | |
| US10445503B2 (en) | Secure persistent software updates | |
| CN105204902B (en) | A kind of the security patch upgrade method and device of virtual machine | |
| CN111984490A (en) | Warning device, method, equipment and medium for illegal operating system starting item | |
| EP2525560A1 (en) | Image processing apparatus and method operating in degenerate mode with fewer functions if an error occurs on a hard disk storage medium storing installed application programs | |
| JP2016099837A (en) | Information processing apparatus, server device, information processing system, control method and computer program | |
| US11163643B2 (en) | Boot data validity | |
| US9781104B2 (en) | Working method of dynamic token | |
| JP2008171306A (en) | Electronic device and program | |
| CN112966276B (en) | Method, device and medium for safely starting computer | |
| WO2024119787A1 (en) | Method and apparatus for amd server system installation power-off processing, device and medium | |
| CN114020340A (en) | Server system and data processing method thereof | |
| JP2020057040A (en) | Information processing device, control method therefor, and program | |
| JP2020086469A (en) | Information processing apparatus and control method thereof, and program | |
| CN106897063B (en) | Method and system for permanently adding OS boot entry to BIOS based on EFI | |
| JP2005222366A (en) | Automatic recovery method, program, program recording medium, processor | |
| CN114237722B (en) | System starting method, device, equipment and engineering vehicle | |
| CN115827069A (en) | Starting control method, system and device for server mainboard | |
| CN113672448A (en) | BootLoader starting process monitoring method, device and storage medium | |
| CN114153503A (en) | BIOS control method, device and medium | |
| CN113407943A (en) | Server starting method, system and storage medium | |
| CN109783150A (en) | A kind of anti-brick method and device of embedded system starting | |
| JP6860800B1 (en) | Information processing equipment, information processing systems, and programs | |
| JP2014179047A (en) | Information processing device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |