Kicksecure Default Passwords
Information about Kicksecure default user and passwords.
Introduction[edit]
On this page we discuss default passwords for Kicksecure and offer guidance and answers to common questions.
Default Passwords for Kicksecure[edit]
Current Version[edit]
Starting from build version 17.2.0.7
and above have these default settings:
Users can change or set a password for security reasons if this is useful in their case based on this Information.
For troubleshooting, refer to Change Keyboard Layout and Test Keyboard Layout.
Old Versions before 17.2.0.7[edit]
Build versions older than 17.2.0.7
had these default settings:
This was changed in newer versions. See above #Current_Version.
Default passwords in old build versions remain unchanged.
Information / FAQ[edit]
Definitions to understand topics below
- Single-user system: A single-user system is defined here as a computer that has only one human user.
- Multi-user system: A multi-user system is defined here as a shared computer that has different multiple human users.
- User account password: A password for a Linux user account such as user
user
. This is used for Login into Virtual Consoles, graphical login manager (such as LightDM) as well as for administrative ("root") rights authentication. - Disk encryption password: A password required early during the boot process ("pre-boot") to decrypt the hard drive.
Importance of setting a user account password:
- For single-user systems: Not important.
- For multi-user systems: Important.
Advantage of setting a user account password:
- Login Screen password protection.
- Screen Lock password protection.
- Administrative ("root") rights authentication. (But this is a weak protection. See Prevent Malware from Sniffing the Root Password for a safer procedure.
Unnecessary user account password:
- SSH: PAM does not enable
PermitEmptyPasswords
option by default. Therefore passwordless login using SSH cannot happen. See also: SSH
Protect computer from unauthorized access:
- FDE: It is recommended to use Full Disk Encryption (FDE). This will protect all important data on the computer once it has been powered off through encryption and require authentication early during the computer boot process using a disk encryption password. This is a much stronger protection than any user account login password. Note, that FDE requires a very strong password which can resist offline password cracking. See Passwords.
- Virtual console: See Virtual Consoles.
- Screen lock: See Screen Lock.
- BIOS password: See BIOS Password.
- See also: Protection against Physical Attacks
Password strength requirements for user account password: If setting a user account password, how strong does it need to be? 22 truly random characters such as for example "zavtf5%/r+B`ZkKQ;g,8}{
"? (Obviously, do not use that password because it is publicly known, written on a website.) No, strong passwords for Linux account users are not required. This is because in Kicksecure user accounts are locked after 50 failed login attempts. This is thanks to Online Password Cracking Restrictions.
Unlock: How to unlock a user account password once the account gets locked? See password unlock procedure.
How to safely use sudo/root? See the Safely Use Root Commands, especially Prevent Malware from Sniffing the Root Password.
Servers: When using a remote server, setting user account passwords or locking accounts is important to prevent virtual console based logins. See Server Security Guide, User Account Password Security.
Technical rationale: See Strong Linux User Account Isolation.
Forum discussion: default password (changeme) impact
Related[edit]
Footnotes[edit]
We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!