Changing the password for Intel vPro devices

A secure password is required to communicate with and to provision new Intel vPro devices. For devices that you will manage, the "admin" password you enter in the Intel AMT Configuration Screen (accessed in the device BIOS) should be the same as the password that you enter in the Intel vPro General Configuration dialog box. That password is saved in the Endpoint Manager database and applied globally for provisioning Intel vPro devices.

Intel vPro requires the use of a strong password to enable secure communications. Passwords should meet these requirements:

  • At least 8 characters long
  • Includes at least one number character (0-9)
  • Includes at least one non-alphanumeric ASCII character (such as !, &, %)
  • Contains both upper- and lowercase Latin characters, or non-ASCII characters (UTF+00800 and above)

After provisioning devices, you should regularly change passwords as part of your IT maintenance. You can use a different password for each Intel vPro device, or you can apply a new password to multiple devices. The new passwords you enter are stored in the database and used by Endpoint Manager to communicate securely with managed Intel vPro devices.

Host-based provisioning for Intel vPro 6.2 and higher

Endpoint Manager uses host-based provisioning for Intel vPro devices with AMT version 6.2 and higher. If you have entered a password in the Intel vPro General Configuration dialog box, but you have not set a PID (one-touch provisioning) on the devices or provided a zero-touch certificate, your devices are provisioned using Client Control mode. This mode limits some Intel vPro functionality, reflecting the lower level of trust required to complete the device setup.

If you have entered a password in the Intel vPro General Configuration dialog box and you have either set a PID on the devices or you have provided a zero-touch certificate, devices are provisioning using Admin Control mode, which has no limitations to Intel vPro functionality, reflecting the higher level of trust associated with the device setup.