On Thursday, 6 August 2020 00:37:08 UTC+8, Qubes wrote: > > What risk(s) are you mitigating by disabling passwordless root? >
You should look at this the other way around--what do I stand to lose by keeping passwordless root? If I can take a low-cost step that would dramatically raise the cost for would-be attackers, wouldn't it be a prudent step to take? Besides, even Joanna herself backtracked on her claim that passwordless root is the best option (forgot where I read it, but I definitely did) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/65c66143-b92a-4846-a6e9-a62f86c8e213o%40googlegroups.com.
