As it stands there are four accounts in Whonix, two in each VM. If a user made the password of all four the same, how bad would that be? I don’t see a problem in having the same password for root and regular user in the same VM at all, because both can do the same stuff given sudo. If I’m wrong about the last point please correct me.
Why no replies, is this question too hard or too easy?
You can become root with two different passwords
sudo su
su
I think that if you make it a strong password and don’t write it on a sticky-note that you keep under your keyboard it would not be a problem if the passwords are all the same.
The way the Linux stack is currently put together, you won’t gain much from using using a hard password for root. We were considering doing away with root accounts because it is just one more step without any clear security advantages.
2 Likes