- There is nothing wrong with Debian's default `/etc/securetty` file as long as a secure root password is used.
- A compromised user account `user` could be infected with a keylogger which could read the sudo password and thereby acquire root access.
- With a secure password for user `user` and root, compromised non-root users (such as user `sdwdate`, in case sdwdate gets exploited) require a local privilege escalation exploit in order to acquire root. Root password bruteforcing is not possible.
- A secure password for root/user accounts must follow the same rationale as explained on the Passwords page. -> maybe not -> https://forums.whonix.org/t/how-strong-do-linux-user-account-passwords-have-to-be-when-using-full-disk-encryption-fde-too/7698/14
- Having only one user account with a password, and no root account login supported by default, also means the user only has to remember and secure one strong password rather than two.
- Any graphical application can see what any user is typing in any other graphical application for any user. 
- user documentation: Root
When logging in on tty1 as root, this fortunately does not count as a failed login attempt for our pam_tally2 implementation in security-misc.
Quote Joanna Rutkowska, security researcher, founder and advisor (formerly architecture, security, and development) of Qubes OS:
One application can sniff or inject keystrokes to another one, can take snapshots of the screen occupied by windows belonging to another one, etc.
Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself.