I recently decided to change my (very) strong user password to something trivial.
This was mostly to eliminate frustration with typing a long password each time I sudo or whatever.
My question is, is there any reason to have a strong user password? considering that most services which I run on my box do not use PAM for auth:
- apache2 – uses .htpasswd for access
- sshd – only private keys allowed
- transmissiond – uses its own http auth
- mpd – uses its own auth
- samba – limited to LAN
Physical access to the box is out of the question.
Best Answer
The reason to have a password is the reason to have a strong or even a very strong password, one of the reasons being to protect you from unauthorized access.
If you are certain that your PC is absolutely safe that it doesn't need a password, you may want to have a look at these questions: