Skip to main content

Summary

PXE (Preboot eXecution Environment) boot passwords in ConfigMgr are a security feature to protect the PXE boot process from unauthorized access. When attempting to network boot from the PXE-enabled distribution point, the user must enter a password to access the boot media. The password is configured in the PXE settings for the distribution point (Figure 1).
Distribution Point PXE Settings
This password can be retrieve using tools like PXEThief and pxethiefy and subjected to offline password attacks. Therefore, it is paramount to choose a unique, strong password that can withstand cryptographic interrogation.

Linked Defensive IDs

Associated Offensive IDs

References