IBM Bluemix portal used by VF team to maintain its infrastructure for cloud products, what QA team observed is that Reviewer role user can see and update the device password, ideally which should be restricted due to security reasons and not explored to read on access. I raised this issue with support team but they responded back with below answer
“Unfortunately there is no way to allow access to most of the server info and not the password information. The way the access works in our portal for details about a sever is full access, or no access. We have user settings for being able to reboot, initiate an OS reload, manage\create images, or editing the host name. We apologize for the inconvenience that this may cause.
I would suggest to add this issue in your future release as an enhancement and if possible plz share roughly timeline for the fix of this issue .
NOTICE TO EU RESIDENTS: per EU Data Protection Policy, if you wish to remove your personal information from the IBM ideas portal, please login to the ideas portal using your previously registered information then change your email to "email@example.com" and first name to "anonymous" and last name to "anonymous". This will ensure that IBM will not send any emails to you about all idea submissions