• 0 Posts
  • 14 Comments
Joined 1 year ago
cake
Cake day: June 11th, 2023

help-circle









  • New to Linux so I’m sorry if I’m being ignorant, but it does seem crazy you can get access to a machine without the password.

    This is always the case, no matter what OS you use, unless you use full-disk encryption. User credentials are all just data on a disk, so if someone has physical access to your machine, and your disk isn’t encrypted, then they can access (and change) those credentials or any other data.

    See also: https://ostechnix.com/reset-windows-password-with-linux-live-cd/

    What’s even the point of having a password

    As you say, preventing remote access is one, but also a password will slow someone down a bit, and stop low-knowledge adversaries entirely, possibly. Also you will at least know someone has messed with your machine if they change the password.

    Really, though, there’s nothing malicious someone can do to an unencrypted computer by changing the password that they couldn’t do without changing the password (copy all your files, delete all your files, install malicious software). Except I guess annoying you by making you change your password back. 😆