In fact, the User Accounts applet in the Settings allows creating a user with no password by putting it in the nopasswdlogin group, but as soon as the screen lock comes up, the user is unable to unlock the screen.
So the screen lock definitely needs to honour the nopasswdlogin group, and this is a bug with no real security implications. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1413790 Title: It's possible to bypasss lockscreen if user is in nopasswdlogin group. To manage notifications about this bug go to: https://bugs.launchpad.net/lightdm/+bug/1413790/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
