On Sun, Sep 07, 2025 at 11:39:14PM -0400, hlyg wrote: > > On 9/7/25 9:13 PM, Greg Wooledge wrote: > > According to the IRC bot: > > > > 21:12 =dpkg> The debian-live images have a user account configured for you > > to > > use. username: user ; password: live > > > > Thank Wooledge! > > why don't they choose passwordless or empty password? > > empty password is easier to guess. >
Empty password is a security hole, especially if that gives immediate root. (A well-known password is also a security hole, particularly if it cannot be changed on a read-only medium :) All best, Andy ([email protected])
