I have a fully encrypted drive so I know when my laptop is turned off that nobody can access my data but what about when the screen is locked with my root password?
It is often impractical to turn off my computer every time I leave my laptop unattended and as all my data is backed up and the laptop is pretty cheap, I'm not too bothered if it gets stolen as long as I know my data is secure.
I know there is a hack to bypass log-in or reset the root password on an unencrypted drive but this requires a reboot so it wouldn't be an issue for me as the crypt password is needed before any root password and my crypt password is likely much more complex than most people's. It took me a long time to memorize it.
My root password is secure but less secure than the encryption password as it would be too impractical to type something too long each time I want sudo or to unlock the screen.
If somebody steals my laptop when it is locked but turned on and then plugs it into a power source so the battery does not die, would it be easy for them to get access assuming they had plenty of time?
Other than trying to brute force my password, is there any other way they could get into my computer as long as it remains turned on? When I enter the wrong log-in password the system says "checking" for a couple of seconds even though it already knows the password is wrong, but I can see this is a delay to prevent rapid brute force guesses. I'm not worried about a dictionary attack as this would take years with that delay.
Sorry if this question has been answered but I can't find any conclusive answer.
I need to make a run to the store now for some supplies. I want to leave my downloads running with a locked screen. Should I be worried about a burglar stealing my laptop while I'm gone and reading my embarrassing browsing history?
edit:
TL;DR
If I leave my laptop on and the screen is locked, can someone get access if they steal my computer? My drive is encrypted in case they reboot.
Best Answer
They could try to brute-force your password; you might want to set it up so accounts are locked out after too many failed attempts. You didn't ask how, but if you're interested you can read more here: https://web.archive.org/web/20190831173642/http://blog.bodhizazen.com/linux/ubuntu-how-to-faillog/
Edit: including steps as requested
Open /etc/pam.d/common-auth and add the line AT THE TOP OF THE FILE:
To set the number of attempts allowed & timeout
Where 3 is the number of attempts allowed and 3600 seconds (1 hour) is how long to lock out the account for.
You can omit the -l part and the account will be locked out forever, however I would really not recommend that since your hard drive is encrypted. It would make your files very difficult to recover if you locked yourself out. If you choose to omit the lockout time, I would at least increase the number of attempts, because it's not that difficult to enter your password wrong 3 times.
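A check for the ordering point in the answer above (the lockout line goes at the top of the auth stack, ahead of the password module), as an added example that is not part of the original answer. The module names pam_tally, pam_tally2 and pam_faillock and their deny= and unlock_time= options are assumptions about which lockout module is in use, since the page does not name one; the sample stacks are constructed.

```shell
#!/bin/sh
# Added example: audit a PAM auth stack for a failed-login lockout module.
# Assumed module names (not given on the page): pam_tally, pam_tally2, pam_faillock.

# check_lockout FILE
#   Prints "OK <module> deny=<n> unlock_time=<s>" and returns 0 when a lockout
#   module is listed before pam_unix.so; otherwise prints why and returns 1.
#   "unset" = option not on that line (module default or its conf file applies).
check_lockout() {
    awk '
        /^[ \t]*#/ || NF == 0 || $1 != "auth" { next }
        {
            mod = ""
            for (i = 2; i <= NF; i++)          # control may span fields: [a=b c=d]
                if ($i ~ /\.so$/) { mod = $i; break }
            sub(/.*\//, "", mod)               # drop any directory prefix
        }
        mod == "pam_unix.so" { unix_seen = 1; next }
        mod ~ /^pam_(tally2?|faillock)\.so$/ {
            if (unix_seen) { late = 1; next }  # too late to stop the guess
            if (name != "") next               # keep the first match only
            name = mod; deny = "unset"; unlock = "unset"
            for (j = i + 1; j <= NF; j++) {
                if ($j ~ /^deny=/)        deny   = substr($j, 6)
                if ($j ~ /^unlock_time=/) unlock = substr($j, 13)
            }
        }
        END {
            if (name != "") { printf "OK %s deny=%s unlock_time=%s\n", name, deny, unlock; exit 0 }
            print (late ? "MISORDERED: lockout module only after pam_unix.so" : "MISSING: no lockout module in auth stack")
            exit 1
        }
    ' "$1"
}

# Constructed sample stacks (not taken from any real system).
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'auth required pam_faillock.so preauth deny=3 unlock_time=3600' \
                  'auth [success=1 default=ignore] pam_unix.so nullok' > "$d/top"
    printf '%s\n' 'auth [success=1 default=ignore] pam_unix.so nullok' \
                  'auth required pam_tally2.so deny=3 unlock_time=3600' > "$d/late"
    for f in "$d/top" "$d/late"; do check_lockout "$f" || true; done
    rm -rf "$d"
}
demo
```

On a real system the file to pass is /etc/pam.d/common-auth, the one the answer edits.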