{{Header}}
{{Title|
title={{project_name_short}} Default Passwords
}}
{{#seo:
|description=Information about {{project_name_short}} default user and passwords.
|image=Password2781614640.jpg
}}
{{passwords_mininav}}
[[File:Password2781614640.jpg|thumb]]
{{intro|
Information about {{project_name_short}} default user and passwords.
}}

= Introduction =

On this page we discuss default passwords for {{project_name_short}} and offer guidance and answers to common questions.

= Default Passwords for {{project_name_short}} =

== Current Version ==
Starting from build version <code>17.2.0.7</code> and above have these default settings:

{{Default_Passwords}}

Users can [[Post_Install_Advice#Change_Passwords|change or set a password]] for security reasons if this is useful in their case based on this [[Default_Passwords#Information|Information]].

For troubleshooting, refer to [[Post_Install_Advice#Change_Keyboard_Layout|Change Keyboard Layout]] and [[Post_Install_Advice#Test_Keyboard_Layout|Test Keyboard Layout]].

== Old Versions before 17.2.0.7 ==

Build versions older than <code>17.2.0.7</code> had these default settings:

{{mbox
| image   = [[File:Ambox_notice.png|40px|alt={{project_name_short}} default admin password is: changeme]]
| text    =
* '''Default username:''' {{CodeSelect|code=user}}
* '''Default password:''' {{CodeSelect|code=changeme}}
}}

This was changed in newer versions. See above [[#Current_Version]].

Default passwords in old build versions remain unchanged.

= Information / FAQ =
{{Anchor|Information}}

{{Collapsible
|title='''Definitions to understand topics below'''
|smallTitle=true
|content=
* '''Single-user system:''' A single-user system is defined here as a computer that has only one human user.
* '''Multi-user system:''' A multi-user system is defined here as a shared computer that has different multiple human users.
* '''User account password:''' A password for a Linux user account such as account <code>user</code>. This is used for [[Login]] into [[Desktop#Virtual_Consoles|Virtual Consoles]], graphical login manager (such as LightDM) as well as for administrative ("[[root]]") rights authentication.
* '''Disk encryption password:''' A password required early during the boot process ("pre-boot") to decrypt the hard drive.
}}

'''Importance of setting a user account password:'''
* '''For single-user systems:''' Not important.
* '''For multi-user systems:''' Important.

'''Advantage of setting a user account password:'''
* [[Protection_Against_Physical_Attacks#Login_Screen|Login Screen]] password protection.
* [[Protection_Against_Physical_Attacks#Screen_Lock|Screen Lock]] password protection.
* Administrative ("[[root]]") rights authentication. (But this is a weak protection. See [[Root#Prevent_Malware_from_Sniffing_the_Root_Password|Prevent Malware from Sniffing the Root Password]] for a safer procedure.)

'''Unnecessary user account password:'''
* '''SSH''': PAM does not enable <code>PermitEmptyPasswords</code> option by default. Therefore passwordless login using SSH cannot happen. See also: [[SSH]]

'''Protect computer from unauthorized access:'''
* '''FDE:''' It is recommended to use [[Full_Disk_Encryption|Full Disk Encryption (FDE)]]. This will protect all important data on the computer once it has been powered off through encryption and require authentication early during the computer boot process using a disk encryption password. This is a much stronger protection than any user account login password. Note, that FDE requires a very strong password which can resist offline password cracking. See [[Passwords]].
* '''Virtual console:''' See [[Protection_Against_Physical_Attacks#Virtual_Consoles|Virtual Consoles]].
* '''Screen lock:''' See [[Protection_Against_Physical_Attacks#Screen_Lock|Screen Lock]].
* '''BIOS password''': See [[Protection_Against_Physical_Attacks#BIOS_Password|BIOS Password]].
* '''See also: [[Protection_Against_Physical_Attacks|Protection against Physical Attacks]]'''

'''Password strength requirements for user account password:''' If setting a user account password, how strong does it need to be? 22 truly random characters such as for example "<code>zavtf5%/r+B`ZkKQ;g,8}{</code>"? (Obviously, do not use that password because it is publicly known, written on a website.) No, strong passwords for Linux account users are not required. This is because in {{project_name_short}} user accounts are locked after 50 failed login attempts. This is thanks to [[Dev/Strong_Linux_User_Account_Isolation#Online_Password_Cracking_Restrictions|Online Password Cracking Restrictions]].

'''Unlock:''' How to unlock a user account password once the account gets locked? See [[Root#Unlock_User_Account:_Excessive_Wrong_Password_Entry_Attempts|password unlock procedure]].

'''How to safely use sudo/root?''' See the [[root|Safely Use Root Commands]], especially [[Root#Prevent_Malware_from_Sniffing_the_Root_Password|Prevent Malware from Sniffing the Root Password]].

'''Servers''': When using a remote server, setting user account passwords or locking accounts is important to prevent virtual console based logins. See [[Server_Security_Guide#User_Account_Password_Security|Server Security Guide, User Account Password Security]].

'''Technical rationale:''' See [[Dev/Strong_Linux_User_Account_Isolation|Strong Linux User Account Isolation]].

'''Forum discussion:''' [https://forums.whonix.org/t/whonix-default-password-changeme-impact/13115 default password (changeme) impact]

= Related =
* [[Login]]

= Footnotes =
<references />
{{Footer}}
[[Category:Documentation]]

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.