My 75-year-old neighbor recently transitioned from Windows 11 to Linux and is enjoying the experience, but he finds the frequent requirement to enter his password frustrating. He memorized a strong password for LUKS (using a mix of uppercase, lowercase, numbers, and symbols), which he uses when booting the system. However, once he's logged into KDE Plasma (with automatic sign-in post LUKS), is a strong user password really necessary? This hassle is making him hesitant to put his laptop to sleep or update. I'm looking for advice on whether it's okay for him to use a simpler password for daily tasks, considering he already has a strong security measure in place with LUKS.
5 Answers
You could explain the security needs to him, but honestly, why ask here? Just provide the info directly.
For Linux systems like Ubuntu, you can adjust password requirements by editing the sudoers file. You’d do something like `sudo visudo -f /etc/sudoers.d/nopasswd` and add the line: `YOURUSER ALL=(ALL) NOPASSWD: ALL`, just replacing 'YOURUSER' with his actual username. But remember, this would allow him to skip entering a password for sudo commands, so it's important to be cautious with security.
I’m not sure if he even uses the terminal much, though. This advice might not apply if he’s not familiar with command-line functions!
To ease the login process, he might consider using a fingerprint sensor compatible with Linux. This way, he wouldn't need to type his password each time, making everything smoother for him.
Setting up a daily use account with a simple password could be another option, so he wouldn't have to use his stronger password for every single action. What do you think about that approach?
The LUKS password protects the data when the laptop is off. Once he’s logged in, using the account password helps keep things secure while he’s using the machine. Removing the password entirely could be risky. Ideally, he should only have to enter it a couple of times a week for updates or installing new applications. If he’s entering it more often, he might be doing something atypical.
He typically has to enter it when he wakes his laptop from sleep, which can be annoying.

On CachyOS, it might look a bit different, and you could use `%wheel ALL=(ALL) NOPASSWD: ALL`. I'm still wondering, though, is it truly safe to drop his user password altogether? Wouldn’t that expose him to security risks?
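A read-only check for the trade-off discussed in this thread, added here as an example and not posted by any participant: it reads sudoers text and reports which rules let sudo run without a password, separating blanket `NOPASSWD: ALL` grants like the two quoted above from rules scoped to named commands. The function name `audit_sudoers`, the user `neighbor` and the scoped `pacman` rule are constructed for illustration; the parser is a simplified reading that does not expand aliases or join continued lines.

```python
import re

# Simplified reading of sudoers user specs: "who hosts = (runas) TAG: cmd, cmd".
# Aliases are not expanded and backslash line continuations are not joined.
RULE = re.compile(r"^(?P<who>\S+)\s+[^=]+?\s*=\s*(?P<spec>.+)$")
RUNAS = re.compile(r"\([^)]*\)")
TAG = re.compile(r"^([A-Z_]+)\s*:\s*")

def audit_sudoers(text):
    """Return (who, command, verdict) for each command sudo runs without a password."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", "@", "Defaults")):
            continue
        if line.split()[0].endswith("_Alias"):
            continue
        m = RULE.match(line)
        if not m:
            continue
        nopasswd = False  # tags carry over to later commands in the same rule
        for cmd in re.split(r"(?<!\\),", RUNAS.sub("", m["spec"])):
            cmd = cmd.strip()
            while (t := TAG.match(cmd)):
                if t[1] in ("NOPASSWD", "PASSWD"):
                    nopasswd = t[1] == "NOPASSWD"
                cmd = cmd[t.end():]
            if nopasswd:
                verdict = "blanket" if cmd == "ALL" else "scoped"
                findings.append((m["who"], cmd, verdict))
    return findings

# Constructed sample: the two rules quoted in the thread plus hypothetical ones.
SAMPLE = """\
# /etc/sudoers.d/nopasswd (constructed sample)
Defaults env_reset
YOURUSER ALL=(ALL) NOPASSWD: ALL
%wheel ALL=(ALL) NOPASSWD: ALL
%sudo ALL=(ALL:ALL) ALL
neighbor ALL=(root) NOPASSWD: /usr/bin/pacman -Syu, PASSWD: /usr/bin/systemctl
"""

if __name__ == "__main__":
    for who, cmd, verdict in audit_sudoers(SAMPLE):
        print(f"{verdict:8} {who:10} {cmd}")
```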