In case it's relevant, I'm on a Lenovo Y700 laptop. When I set my password from the Settings GUI it sets both the root password and the password that I use to unlock the laptop. At least with the version of gnome that I'm using, Ubuntu has a lock screen where it shows a wallpaper and the time, and a login screen which has the user logged in and a field where you type your password.
Yesterday my password was a string, X. I opened my laptop, entered the first character of X, expecting the lock screen to transition to the login screen. The lock screen did not transition into the login screen. I typed the first character again, and nothing happened. I pressed the spacebar to try to get the laptop to respond, and it unlocked (without me ever typing in the password). This was really unnerving because it meant that the laptop was completely vulnerable, so I rebooted. After rebooting, I tried entering a random string to log in and it didn't work. I entered X and it unlocked. I promptly changed both my root password and my login to the string Y via the Settings GUI. I ran a sudo command and the terminal would only accept Y as the password. Just a few minutes ago, I tried unlocking the laptop with X and it worked. This is really upsetting because it means there's a chance that any random person could walk up to my laptop and unlock it, regardless of what the password is. I'm going to upgrade to 18.10 soon, but I think it's pretty necessary to report this problem. By the way, the bug report says that the faulty package is gnome-screensaver, but that it's not installed. I don't know which package is responsible, so I changed that in the bug report. ** Description changed: Ubuntu 18.04.1 Just a few minutes ago, I typed the first character of my password, and the lock screen didn't change to the login screen. I typed the character again and nothing happened, so I pressed the spacebar to try to get the thing's attention. - Then it unlocked. - - This is spooked me, so I restarted my laptop and tried logging in with a random string, and nothing happened. I logged in with my regular password and then promptly changed it. + This is spooked me, so I restarted my laptop and tried logging in with a + random string, and nothing happened. I logged in with my regular + password and then promptly changed it. I tried unlocking my system with my old password, and it worked. However, the terminal only recognizes my new root password. ProblemType: Bug DistroRelease: Ubuntu 18.04 - Package: gnome-screensaver (not installed) + Package: unknown ProcVersionSignature: Ubuntu 4.15.0-42.45-generic 4.15.18 Uname: Linux 4.15.0-42-generic x86_64 ApportVersion: 2.20.9-0ubuntu7.5 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Mon Dec 17 23:10:46 2018 InstallationDate: Installed on 2018-09-15 (94 days ago) InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426) ProcEnviron: - PATH=(custom, no user) - XDG_RUNTIME_DIR=<set> - LANG=en_US.UTF-8 - SHELL=/bin/bash + PATH=(custom, no user) + XDG_RUNTIME_DIR=<set> + LANG=en_US.UTF-8 + SHELL=/bin/bash SourcePackage: gnome-screensaver Symptom: security Title: Screen not locked when coming out of suspend/hibernate UpgradeStatus: No upgrade log present (probably fresh install) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1808908 Title: Screen not locked when coming out of suspend/hibernate To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1808908/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
