** Tags added: xenial

You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lightdm in Ubuntu.

  Lock screen can be bypassed when auto-login is enabled.

Status in Ubuntu MATE:
Status in lightdm package in Ubuntu:
  Fix Committed
Status in mate-session-manager package in Ubuntu:

Bug description:
  16.04 LTS


  My machine is set up with full-disk encryption, so it requires a
  password when I boot it up. Because of this I thought I would enable
  auto-login to avoid having to enter two passwords at boot.

  When I leave my computer for short periods of time, I lock it. I
  thought this was working fine for a long time, but I've discovered the
  lock screen is actually easily bypassable when auto-login is enabled.
  All one has to do is click "Switch User" on the lock screen, then
  press "Unlock" and the computer unlocks without prompting for a

  Perhaps this is just me being an idiot, but I thought this was secure
  until now. It seems like either unlocking should always require a
  password (otherwise what's the point of locking in the first place) or
  it should be made totally obvious that unlocking doesn't actually
  require a password (i.e. removing the password box from the lock
  screen when auto-login is enabled).


To manage notifications about this bug go to:

Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to