15. Root Password

15. Root Password
Prev		Next

This is the most crucial decision point for the security of your GNU/Linux system: you must enter the root password. Root is the system administrator and is the only user authorized to make updates, add users, change the overall system configuration, and so on. In short, root can do everything! That's why you must choose a password which is difficult to guess: DrakX will tell you if the password you chose is too simple. You're not forced to enter a password, but we strongly encourage you to do so. GNU/Linux is just as prone to operator error as any other operating system. Since root can overcome all limitations and unintentionally erase all data on partitions by carelessly accessing the partitions themselves, it is important that it be difficult to become root.

The password should be a mixture of alphanumeric characters and at least 8 characters long. Never write down root's password — it makes it far too easy to compromise your system.

One caveat: don't make the password too long or too complicated because you must be able to remember it!

The password won't be displayed on screen as you type it. To reduce the chance of a blind typing error you will need to enter the password twice. If you do happen to make the same typing error twice, you will have to use this “incorrect” password when you try to connect as root, at least for the first time.

You can change the way users are authenticated on your computer by clicking on the Authentication method button. The following authentication methods are available:

Local file. Use a local file for all authentication and user information. This is the default method.
LDAP. Use an LDAP server for some or all authentication needs. An LDAP directory consolidates certain types of information within your organization.
NIS. Authenticates users against a NIS domain. This allows you to run a group of computers in the same NIS domain using a common password and group file.
Smart Card. Uses SmartCard hardware for providing authentication services.
Windows Domain. Uses a Windows^® domain controller to provide authentication services through Active Directory, Microsoft's implementation of LDAP.

If you select a method other than Local file, you will be asked to provide some parameters, which vary from one method to the other. If you don't know those parameters, you should ask your network administrator.

	Note
	If you happen to have problems remembering passwords, or if your computer will never be connected to the Internet and you absolutely trust everybody who uses your computer, you can choose to have No password. Please bear in mind that this is an insecure option, and it is not recommended.

Prev		Next
14. Choose Packages to Install	Home	16. Adding a User