Sugestions: quit locking root account

It is nothing but a nuisance to attackers who already expect it, but a huge pain for legit users. If you know the luks password it is game over anyway. Anything else is just annoyance, so don’t annoy the real users.

Yesterday I had to reset the main user password of a librem13. The owner got the delivery last week, put in the passwords just to check pureOS and proceed to not use the computer for a week, by the time the password was forgotten.

I booted into single user mode only to find the root account locked. Debian list has a huge thread about why this is silly and futile. To sum the history, what I could have solved in 15min took me over 4 hours and a couple live ISO downloads that added to the waste.

1 Like