Ubuntu – How to prevent someone from resetting the password with a Live CD

live-cdpasswordSecurity

Recently one of my friends came over to my place, within 15 minutes he hacked my account using a Live CD and reset the password in front of me. I was baffled to see such a thing. Please guide me to prevent such a future attempt using a Live CD.

Best Answer

A quick and easy way to do this is to disable booting from CDs and USB sticks in your BIOS and set a BIOS password.

According to this wiki page:

Placing passwords or locking menu items (in the Grub configuration files) does not prevent a user from booting manually using commands entered at the grub command-line.

However there's nothing stopping someone from just stealing your hard drive and mounting it on another machine, or resetting your BIOS by removing the battery, or one of the other methods that an attacker can use when they have physical access to your machine.

A better way would be to encrypt your drive, you can either do this by encrypting your home directory, or encrypting the entire disk:

Related Question