Assigning ROOT a password

David Fletcher kubuntu-users at thefletchers.net
Mon Apr 28 11:34:54 UTC 2008


At 12:19 28/04/2008, you wrote:
>On Mon, Apr 28, 2008 at 12:03 AM, Billie Walsh <bilwalsh at swbell.net> wrote:
>
>Well, then ... if someone wanted to hack your system, it should be
>within their capabilities to determine what type of OS you're running.
>And since EVERYBODY knows that Ubuntu distros don't have a root
>password, it can't be too hard for them to then change their focus to
>cracking the other passwords on your system. Fot home systems, there's
>*usually) not dozens of logins, so that lessens the job.

I think the point here is that if the root password is enabled, 
everybody knows what the user ID is - it is root. So the cracker 
already knows the user ID and 'only' has to guess the password.

When the root login is disabled a cracker has no idea what logins are 
available, and has little chance of guessing both a user ID and a 
password at the same time even if it is a weak password.

Dave





More information about the kubuntu-users mailing list