I have an encrypted desktop setup where I enter my password to boot up, but then it automatically logs into KDE, skipping the login screen altogether. I do have a password set, and my system is configured to auto-lock after 5 minutes of inactivity. I thought this would simplify things since I wouldn't need to type my password twice. However, I'm wondering if there are any significant security risks associated with this setup.
2 Answers
There are definitely pros and cons to using auto-login with an encrypted setup. As long as you have an encryption password for booting and a separate password for locking your screen, you’re in a pretty secure position overall. The main concern would be if there were a crash or a flaw in your screen locker that could compromise your security.
From a high-security perspective, advanced threat actors might be able to take live images of your RAM to extract encryption keys and potentially access your drive. If your processor is compatible, you should consider enabling live memory encryption in your BIOS and OS. This would add an extra layer of security against unauthorized access, especially if they might try to disable it and trick you into logging in.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures