---
title: BMC Password Reset Guide
slug: bmc-password-reset
description: How to reset the baseboard-management-controller password on the BMC variants used in the node fleet — ASUS, Gigabyte, Dell iDRAC9, and Supermicro.
tags:
  - node-provider
  - bmc
  - ipmi
  - runbook
  - operations
date: 2026-05-04
related:
  - node-provider-documentation
  - node-provider-maintenance
  - decentralization-and-security
---

The baseboard management controller (BMC) is the out-of-band
management interface on every node machine. Use this runbook when you
need to reset the BMC password — for example, after staff turnover,
or as part of bringing a returned RMA chassis back into service.

> [!WARNING]
> The BMC sits beneath the operating system and has full power-cycle
> and KVM authority over the node. Treat the BMC password with at
> least the same care as a root credential. Set it to a strong,
> unique value and never reuse it across nodes.

## Before you start

You will need an interactive way to reach the BMC:

- A **crash cart** physically attached to the node, or
- A **KVM** session, or
- The BMC's own **web interface**, reached over its management
  network.

Reset the password from one of those sessions, not from the host
operating system on the node itself.

## ASUS — ASMB10-iKVM

1. Sign in to the BMC web interface.
2. Navigate to **Maintenance &rarr; System Administrator**.
3. Use the *reset password* control to set a new password.

## Gigabyte — MegaRAC SP-X

1. Sign in to the BMC web interface.
2. Navigate to **Maintenance &rarr; System Administrator**.
3. Use the *reset password* control to set a new password.

## Dell — iDRAC9

1. Sign in to iDRAC.
2. Navigate to **iDRAC Settings &rarr; Users &rarr; Local Users**.
3. Select your user account and choose **Edit**.
4. Use the *reset password* control to set a new password.

## Supermicro

1. Sign in to the BMC web interface.
2. Navigate to **Configuration &rarr; Users**.
3. Select your user account and choose **Modify User**.
4. Use the *reset password* control to set a new password.

## Choosing a strong password

> [!TIP]
> Generate the new password with a password manager rather than
> typing one. The BMC will accept any value you give it; the
> security comes from your choice.

Follow the guidance in [Decentralization and Security](/wiki/decentralization-and-security/)
for password strength and storage. Record the new password in your
provider's credentials vault before you log out — losing the BMC
password locks you out of the node's out-of-band interface.

## After resetting

- Verify the new password by logging out and signing in again.
- If the BMC supports it, rotate any session tokens or API keys
  derived from the previous password.
- If the node is part of a fleet rotation, repeat the procedure for
  every BMC affected by the same exposure.

## Related

- [Node Provider Documentation](/wiki/node-provider-documentation/) — the role overview.
- [Node Provider Maintenance Guide](/wiki/node-provider-maintenance/) — wider operational handbook.
- [Decentralization and Security](/wiki/decentralization-and-security/) — password and security best practice.