Change password documentation improvements

So recently a change was made to Whonix you have to go into “PERSISTENT mode SYSMAINT session” in order to use sudo in Terminal. And it appears to me that you can even now use a GUI option to change the user password is that correct? So how do I use the GUI to change the user password?

Listen, this page needs to be updated with the latest current up to date information. Please update this page and tell me how to change the user password using the GUI (a screenshot would be nice). And also please mention the fact you can still use the command line option, which is easy, it’s just “sudo passwd user” in the Terminal.

So please update this page? Post-installation Security Advice

Thank you. I do appreciate it.

It’s linking to Configuring Passwords, which has been improved just now. Fixed?

Well, there’s a button that says Manage Passwords, which apparently you’ve already seen - why not try it?

This you can generally assume on Linux. Just because there’s a GUI, doesn’t mean CLI method gets deprecated. Often, the GUI is just a front-end for the CLI.

Patrick, this page absolutely needs to be updated with current information on how to change user password on Whonix Post-installation Security Advice

You can use a GUI to change user password in Whonix now right? Ok tell me how, in fact take a screenshot would you?

And mention that you can also just use command line by enterting “sudo passwd user” to change password (but you have to go into “PERSISTENT mode SYSMAINT session” first though in order for sudo to work)

I don’t know why so many of my points keep flying past your head. My IQ is average, probably somewhere between 90 and 100, which is average. You’re the main developer behind Whonix right? So your IQ is probably above 120 maybe even higher than 130. You’re definitely very smart.

Many of my points just fly right past you, you keep disagreeing with me, and I’m the average layman here, I know how to make tutorials that the average person can understand cause I am the average person with an average intelligence. I don’t know how to code. I am the average person with an average intelligence.

And you can’t link to this Login Security cause it talks about kicksecure, it makes no mention of Whonix, it’s clearly not for Whonix, I am telling that would confuse the living hell out of me and I am the average layman.

This page here Post-installation Security Advice needs to be updated with the correct current information please?

Or am I gonna have to edit that page as well? I mean I guess I could but it’d be cool if you could just take care of that real quick?

Tell us how to use the GUI in whonix to change the password, maybe take a screenshot of it? And don’t forget to mention that another option is you can just use the command line and simply enter “sudo passwd user”

And yes you have to tell the user these things, how else would the user know?

If you don’t tell the the user how would they know?

I am the average layman, how am I gonna know this unless you tell me?

this page Post-installation Security Advice months ago used to say that if you wanted to change the user password in Whonix all you had to do was go into Terminal and enter “sudo passwd user”

But all that has been deleted. It needs to be fixed. Please update it?

Unfortunately, it’s not so simple. The wiki page is as is for reasons. For example:

2. Change Keyboard Layout if necessary.

3. Review Test Keyboard Layout before proceeding further.

This is mentioned, because users typed the password with the wrong keyboard layout and then locked themselves out.

8. Run a test command with administrative (“root”) rights by using sudo.

This is only a simple test to confirm that the user can currently escalate to administrative rights. [6] Type the following command in the terminal and press <Enter>.

sudo systemd-detect-virt

This is mentioned because users mistyped their existing sudo password and then wondered why they could not change the password while the actual issue was being entering the wrong old sudo password.

This wiki page must be understood:

A user that cannot understand this: that user cannot use Whonix.

If that means no laymen, then that’s that.

Documentation has been split into Kicksecure and Whonix. Duplicating documentation is avoided whenever possible to reduce maintenance overhead. Most users seem to be understanding that wiki page. There haven’t been any reports by users who didn’t understand it.

We cannot reach the usablity of Google Android or iOS. Reasons:

With user-sysmaint-split, we’ll not be winning any award for the best usability Linux distribution. So we need to be realistic about the target audience.

This is my expectation:

I am absolutely confused, why can’t this page Post-installation Security Advice just simply show you how to change the password using the GUI? You can now use a GUI to change the password in Whonix right?

And it could tell you that you can also use the command line to change the password but it could warn you, that you absolutely have to be careful going this route cause some people who weren’t being careful have locked themselves out.

It should at least show you how to use the GUI to change your password.

And I might just edit that page myself.

If someone is stupid enough to lock themselves out, well they can always just uninstall Whonix and re-install it. I’ve used the command line to change the user password it’s not hard at all. You’d have to be a dummy to lock yourself out.

You want more Linux users to start using Whonix right? You want Whonix to grow in popularity right?

Because it’s not how the project is designed. How is it designed? Refer to the following concepts:

• Whonix is based on Kicksecure
• Whonix is based on Debian
• Self Support First Policy for Whonix
• Potential Solutions Beyond Whonix!
• Free Support for Whonix
• Utilize Search Engines, Documentation and AI
• Linux User Experience versus Commercial Operating Systems

Don’t.

Cannot make everybody happy.

I am not convinced this change password thing is a big deal. One cannot be an absolute beginner and at the same time password change a big deal.

With how the documentation is structured now, many people can perform a wide array of tasks.

The goal is to help users help themselves, as it is infeasible to provide detailed, free support for an ever-growing number of users.

So, understanding the above concepts (the links that I posted) is essential.

Those refusing to study above concepts are not the target audience.

Quote Whonix Documentation

This documentation is a crash course in anonymity and security on the Internet. Whonix is a technological means to anonymity, but staying safe necessitates complete behavioral change; it is a complex problem without an easy solution. The more you know, the safer you can be.

Viewpoints such as:

• “I refuse to leave the Whonix website”,
• “I demand a unified experience from Whonix and the Whonix website”,
• “I refuse to read the wiki and demand detailed step-by-step guidance in the forums for free”,

are fundamentally incompatible with that.

The least technically skilled user is not the target audience. That’s how the project developed. It wasn’t the goal from the start to serve the least technically skilled user.

The least technically skilled user will likely be incapable to see what’s the point of Whonix.

If we wanted to target the least technically skilled user, then support for other virtualizers such as KVM, Qubes would have to be rejected because documentation such as this:

Platform specific.

Select your platform.

• VirtualBox
• KVM
• Qubes

Because when laymen are reading that, they’re like “What’s that?” The more confusion and obstacles there are, the more likely laymen will give up.

On top of this, each supported virtualizer will result in a lot of content on third-party websites discussing these. Any video about Whonix KVM or Qubes-Whonix can confuse a laymen, make them discard the idea.

Even the Whonix split-VM architecture (Whonix-Gateway + Whonix-Workstation) is detrimental to laymen adoption.

Helping more technical users (through providing documentation to do more complicated things) is also detrimental to laymen adoption, because it bloats documentation and search engine results.

Instead, the development direction and documentation of Whonix and target audience was influenced by its contributors (through source code and documentation contributions) and users (through questions in forums which then lead to changes in source code and/or documentation).

This is the target audience that will be continued to be served. A huge change in direction, focusing on the least technically skilled user is not planned. Related:

• DRAFT: Whonix Community Survey: Shaping the Future of Whonix
• Whonix Community Survey: Shaping the Future of Whonix

If someone wanted to serve the least technically skilled user, they could consider to software fork Whonix, re-brand it, scrap documentation and features and focus on maintaining a more minimal and simple version.