I'd bet you're wrong there.
Well you're already conclusively demonstrated that I'm wrong once, so I'm folding.
Super Micro gear is pretty popular across the span of DoD, DoE, three letter agencies, etc. They're cheap and willing to build weird stuff for various customers.
The only reason I'm thinking maybe not for DHS is that I know they have contracts with HP and Dell, and also how I generally don't think that they need the "weird" stuff like obviously the DoE and DoD regularly do.
But you're right, I'd bet I was wrong too.
Also - Dell still ships the BMC with a default password as well. It's been the same for...15 years? Something like that anyway.
Well, I can say for sure that iLO doesn't. I can't say that you're completely wrong about iDRAC, because I'm way more hazy about that. EDIT: I didn't phrase that right, my supposition is therefore that you are absolutely RIGHT about iDRAC, because I can't dispute it at all. Apologies.
Anyway, like you said in an different thread, it's not exactly the biggest deal in the universe. Passwords should be changed, network access should be compartmentalized, etc..