login

[Sam Tygier]

Duncan Lithgow wrote:

>> I wonder... Since I'm the only user of my machine, I find it just 
>> convenient to use the automatic login (to a regular user account.) Is 
>> it a security risk?
>>
> Well, I agree with you Gustavo. If you're running the machine at home 
> without any real reason to be concerned about who gets access to the 
> computer, then why not use the auto login - butno, not to root.
> 
> But then I'm new to linux so take that with a grain of salt.
> 
> Duncan
> 

does the auto login feature store your password somewhere? would it make it any easier for someone to get your password? ie could a remote exploit that gains your user access be able to find your password any more easily?

given that a lot of people use the same password in many places means that if that password can be found they can do more damage than just if they could log on to your machine.

in someways the auto login could increase security against someone with a keyboard logger, or sharp eyesight watching you log on.

im not sure exactly how the auto log in system works. i assume it is done in a fairly sensible way. anyone know any more detail?

sam