Security Risk – Is It Dangerous if a Password Can Be Reset Easily?


I was just reading up on changing password complexity and I stumbled upon this:

Isn't that a big security risk? Assuming someone gets a hold of the physical box/laptop? I know with Windows there is a requirement for using a password reset disk. But, I assume if anyone gets a hold of an HDD/SSD they can read the info on it assuming the file system hasn't been encrypted. But this, even with encryption, seems that anyone can reset the password for the system if they are at the terminal.

Best Answer

A more abstract definition of "resetting a password" is "modifying data on a physical disk". Everyone with physical access can change any bit on a disk, independent of the OS.

The password can only be reset in a terminal if you know the previous password, unless you're logged in as root (in Recovery mode for example). To protect against this (modification of the password file /etc/shadow), you should use full disk encryption (LUKS). Encrypting your home directory only still allows for modifications to the root filesystem (password file) and insertion of random files.

By the way, anyone with physical access can ruin your machine. Boot passwords do not prevent people from taking the disk out of the machine and plugging it in their machine (via a SATA - USB/eSATA cable for instance) and modifying the contents of it (or copying data from it). Even fully encrypted disks are not as fully encrypted as you may expect. How does the system boot? With the unencrypted bootloader. There is a vulnerability also known as "evil maid attack" which is performed by modifying the bootloader files. After such an "attack", the owner of the machine would not notice anything since there may be small code inserted that copies the entered password.

A way to mitigate this is by using a dedicated boot medium (memory card, USB memory stick), but this is usually not preferred by normal people, who have a very small chance of encountering this.
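
A check that makes the bootloader tampering described in the answer above detectable, added here as an example and not part of the original answer: it records SHA-256 hashes of the files under an unencrypted boot directory and reports every file changed, added or removed since the baseline. The function names and the manifest handling are assumptions; keep the manifest on removable media and run the comparison from a trusted boot, since a check run from the tampered system can itself be subverted.

```shell
#!/bin/sh
# Added example (hypothetical helper names): detect offline changes to
# unencrypted boot files by comparing them with a stored hash manifest.
#   boot_manifest DIR          prints "sha256  ./relative/path" lines
#   boot_verify DIR MANIFEST   prints ADDED/CHANGED/REMOVED, returns 1 on drift

boot_manifest() {
    # Subshell keeps the cd local; paths are recorded relative to DIR so the
    # manifest stays valid when the disk is mounted somewhere else.
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2 )
}

boot_verify() {
    dir=$1
    baseline=$2
    current=$(mktemp) || return 2
    boot_manifest "$dir" > "$current"
    # sha256sum prints 64 hex digits and two separator characters, so the
    # path starts at column 67; taking it this way keeps spaces in file names.
    report=$(awk '
        { hash = $1; path = substr($0, 67) }
        FILENAME == ARGV[1] { old[path] = hash; next }
        { seen[path] = 1
          if (!(path in old))          print "ADDED " path
          else if (old[path] != hash)  print "CHANGED " path }
        END { for (p in old) if (!(p in seen)) print "REMOVED " p }
    ' "$baseline" "$current" | sort)
    rm -f "$current"
    if [ -z "$report" ]; then
        return 0
    fi
    printf '%s\n' "$report"
    return 1
}

# Command-line use (paths are examples):
#   sh bootcheck.sh baseline /boot > /media/usb/boot.manifest
#   sh bootcheck.sh verify   /boot   /media/usb/boot.manifest
case "${1:-}" in
    baseline) boot_manifest "$2" ;;
    verify)   boot_verify "$2" "$3" ;;
esac
```

A clean result only shows that the files match the baseline; the baseline has to be taken while the machine is known to be in a good state.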