diff --git a/cmd/collect.go b/cmd/collect.go
index 5649900..7db23d8 100644
--- a/cmd/collect.go
+++ b/cmd/collect.go
@@ -85,15 +85,17 @@ var CollectCmd = &cobra.Command{
 			switch s := store.(type) {
 			case *secrets.StaticStore:
 				if username != "" {
+					log.Info().Msg("--username passed, overriding all usernames with value")
 					s.Username = username
 				}
 				if password != "" {
+					log.Info().Msg("--password passed, overriding all passwords with value")
 					s.Password = password
 				}
 			case *secrets.LocalSecretStore:
 				for k, _ := range s.Secrets {
 					if creds, err := bmc.GetBMCCredentials(store, k); err != nil {
-						log.Error().Str("id", k).Err(err).Msg("failed to get BMC credentials from secret store")
+						log.Error().Str("id", k).Err(err).Msg("failed to override BMC credentials")
 					} else {
 						if username != "" {
 							creds.Username = username
@@ -103,7 +105,7 @@ var CollectCmd = &cobra.Command{
 						}
 
 						if newCreds, err := json.Marshal(creds); err != nil {
-							log.Error().Str("id", k).Err(err).Msg("failed to marshal updated BMC credentials")
+							log.Error().Str("id", k).Err(err).Msg("failed to override BMC credentials: marshal error")
 						} else {
 							s.StoreSecretByID(k, string(newCreds))
 						}
diff --git a/internal/util/bmc.go b/internal/util/bmc.go
new file mode 100644
index 0000000..76f61a8
--- /dev/null
+++ b/internal/util/bmc.go
@@ -0,0 +1,47 @@
+package util
+
+import (
+	"github.com/OpenCHAMI/magellan/pkg/bmc"
+	"github.com/OpenCHAMI/magellan/pkg/secrets"
+	"github.com/rs/zerolog/log"
+)
+
+func GetBMCCredentials(store secrets.SecretStore, id string) bmc.BMCCredentials {
+	var (
+		creds bmc.BMCCredentials
+		err   error
+	)
+
+	if id == "" {
+		log.Error().Msg("failed to get BMC credentials: id was empty")
+		return creds
+	}
+
+	if id == secrets.DEFAULT_KEY {
+		log.Info().Msg("fetching default credentials")
+		if creds, err = bmc.GetBMCCredentialsDefault(store); err != nil {
+			log.Warn().Err(err).Msg("failed to get default credentials")
+		} else {
+			log.Info().Msg("default credentials found, using")
+		}
+		return creds
+	}
+
+	if creds, err = bmc.GetBMCCredentials(store, id); err != nil {
+		// Specific credentials for URI not found, fetch default.
+		log.Warn().Str("id", id).Msg("specific credentials not found, falling back to default")
+		if defaultSecret, err := bmc.GetBMCCredentialsDefault(store); err != nil {
+			// We've exhausted all options, the credentials will be blank unless
+			// overridden by a CLI flag.
+			log.Warn().Str("id", id).Err(err).Msg("no default credentials were set, they will be blank unless overridden by CLI flags")
+		} else {
+			// Default credentials found, use them.
+			log.Info().Str("id", id).Msg("default credentials found, using")
+			creds = defaultSecret
+		}
+	} else {
+		log.Info().Str("id", id).Msg("specific credentials found, using")
+	}
+
+	return creds
+}
diff --git a/pkg/bmc/bmc.go b/pkg/bmc/bmc.go
index 012ffca..387100a 100644
--- a/pkg/bmc/bmc.go
+++ b/pkg/bmc/bmc.go
@@ -5,7 +5,6 @@ import (
 	"fmt"
 
 	"github.com/OpenCHAMI/magellan/pkg/secrets"
-	"github.com/rs/zerolog/log"
 )
 
 type BMCCredentials struct {
@@ -13,51 +12,54 @@ type BMCCredentials struct {
 	Password string `json:"password"`
 }
 
-func GetBMCCredentials(store secrets.SecretStore, id string) (BMCCredentials, error) {
+func GetBMCCredentialsDefault(store secrets.SecretStore) (BMCCredentials, error) {
 	var creds BMCCredentials
-	if id == secrets.DEFAULT_KEY {
-		log.Info().Msg("fetching default credentials")
-		if uriCreds, err := store.GetSecretByID(id); err != nil {
-			log.Warn().Err(err).Msg("failed to get default credentials")
-			return creds, fmt.Errorf("get default credentials: %w", err)
-		} else {
-			if err := json.Unmarshal([]byte(uriCreds), &creds); err != nil {
-				log.Error().Err(err).Msg("failed to unmarshal default credentials")
-				return creds, fmt.Errorf("unmarshal default credentials: %w", err)
-			} else {
-				log.Info().Msg("default credentials found, using")
-			}
+	if strCreds, err := store.GetSecretByID(secrets.DEFAULT_KEY); err != nil {
+		return creds, fmt.Errorf("get default BMC credentials from secret store: %w", err)
+	} else {
+		// Default URI credentials found, use them.
+		if err = json.Unmarshal([]byte(strCreds), &creds); err != nil {
+			return creds, fmt.Errorf("get default BMC credentials from secret store: failed to unmarshal: %w", err)
 		}
-
 		return creds, nil
 	}
+}
 
-	if uriCreds, err := store.GetSecretByID(id); err != nil {
-		// Specific credentials for URI not found, fetch default.
-		log.Warn().Str("id", id).Msg("specific credentials not found, falling back to default")
-		defaultSecret, err := store.GetSecretByID(secrets.DEFAULT_KEY)
-		if err != nil {
-			// We've exhausted all options, the credentials will be blank unless
-			// overridden by a CLI flag.
-			log.Warn().Str("id", id).Err(err).Msg("no default credentials were set, they will be blank unless overridden by CLI flags")
-		} else {
-			// Default credentials found, use them.
-			if err = json.Unmarshal([]byte(defaultSecret), &creds); err != nil {
-				log.Warn().Str("id", id).Err(err).Msg("failed to unmarshal default secrets store credentials")
-				return creds, err
-			} else {
-				log.Info().Str("id", id).Msg("default credentials found, using")
-			}
-		}
+func GetBMCCredentials(store secrets.SecretStore, id string) (BMCCredentials, error) {
+	var creds BMCCredentials
+	if strCreds, err := store.GetSecretByID(id); err != nil {
+		return creds, fmt.Errorf("get BMC credentials from secret store: %w", err)
 	} else {
 		// Specific URI credentials found, use them.
-		if err = json.Unmarshal([]byte(uriCreds), &creds); err != nil {
-			log.Warn().Str("id", id).Err(err).Msg("failed to unmarshal specific credentials")
-			return creds, err
-		} else {
-			log.Info().Str("id", id).Msg("specific credentials found, using")
+		if err = json.Unmarshal([]byte(strCreds), &creds); err != nil {
+			return creds, fmt.Errorf("get BMC credentials from secret store: failed to unmarshal: %w", err)
 		}
 	}
 
 	return creds, nil
 }
+
+func GetBMCCredentialsOrDefault(store secrets.SecretStore, id string) BMCCredentials {
+	var (
+		creds BMCCredentials
+		err   error
+	)
+
+	if id == "" {
+		return creds
+	}
+
+	if id == secrets.DEFAULT_KEY {
+		creds, _ = GetBMCCredentialsDefault(store)
+		return creds
+	}
+
+	if creds, err = GetBMCCredentials(store, id); err != nil {
+		if defaultSecret, err := GetBMCCredentialsDefault(store); err == nil {
+			// Default credentials found, use them.
+			creds = defaultSecret
+		}
+	}
+
+	return creds
+}
diff --git a/pkg/collect.go b/pkg/collect.go
index 80feff5..f46f6fa 100644
--- a/pkg/collect.go
+++ b/pkg/collect.go
@@ -141,8 +141,8 @@ func CollectInventory(assets *[]RemoteAsset, params *CollectParams) ([]map[strin
 				}
 
 				// get BMC username to send
-				bmcCreds, err := bmc.GetBMCCredentials(params.SecretStore, config.URI)
-				if err != nil {
+				bmcCreds := bmc.GetBMCCredentialsOrDefault(params.SecretStore, config.URI)
+				if bmcCreds == (bmc.BMCCredentials{}) {
 					log.Error().Str("id", config.URI).Msg("username will be blank")
 				}
 
diff --git a/pkg/crawler/main.go b/pkg/crawler/main.go
index 8b732f4..16658d6 100644
--- a/pkg/crawler/main.go
+++ b/pkg/crawler/main.go
@@ -1,10 +1,10 @@
 package crawler
 
 import (
-	"encoding/json"
 	"fmt"
 	"strings"
 
+	"github.com/OpenCHAMI/magellan/internal/util"
 	"github.com/OpenCHAMI/magellan/pkg/bmc"
 	"github.com/OpenCHAMI/magellan/pkg/secrets"
 	"github.com/rs/zerolog/log"
@@ -374,32 +374,9 @@ func loadBMCCreds(config CrawlerConfig) (bmc.BMCCredentials, error) {
 	if config.CredentialStore == nil {
 		return bmc.BMCCredentials{}, fmt.Errorf("credential store is invalid")
 	}
-	creds, err := config.CredentialStore.GetSecretByID(config.URI)
-	if err != nil {
-		event := log.Error()
-		event.Err(err)
-		event.Msg("failed to get credentials from secret store")
-		// try to get default if parameter is set
-		if config.UseDefault {
-			creds, err = config.CredentialStore.GetSecretByID(secrets.DEFAULT_KEY)
-			// no default credentials
-			if err != nil {
-				event := log.Error()
-				event.Err(err)
-				event.Msg("failed to get default credentials from secret store")
-				return bmc.BMCCredentials{}, err
-			}
-		} else {
-			return bmc.BMCCredentials{}, err
-		}
+	if creds := util.GetBMCCredentials(config.CredentialStore, config.URI); creds == (bmc.BMCCredentials{}) {
+		return creds, fmt.Errorf("%s: credentials blank for BNC", config.URI)
+	} else {
+		return creds, nil
 	}
-	var bmc_creds bmc.BMCCredentials
-	err = json.Unmarshal([]byte(creds), &bmc_creds)
-	if err != nil {
-		event := log.Error()
-		event.Err(err)
-		event.Msg("failed to unmarshal credentials")
-		return bmc.BMCCredentials{}, err
-	}
-	return bmc_creds, nil
 }