by 5ilv3r 3127 days ago
If setting a root password is a hack, I'm Donald Duck.
3 comments

Ugh, OK, I forgot some people don't know the code. The old adage is "On your first day as the new sysadmin, change all the root passwords". The idea is that a SECURE root is good, possibly better than no root (which is sort of a hack in itself). There are best practices for root passwords. Things like length, composition (no dict words), disabled for remote access, and care in who is allowed to have it.

Simply pretending root does not exist is a rather new idea and is not best practice. It's only for convenience.

> composition (no dict words),

This is an outmoded guideline for password security. String enough dictionary words together and you achieve a high level of entropy. See for example https://en.wikipedia.org/wiki/Diceware

> Simply pretending root does not exist is a rather new idea and is not best practice. It's only for convenience.

Says who? Sure, it's convenient not to have to worry about choosing a secure password for your root account, but why is it "sort of a hack in itself"?

I assume he means that you should always set a password for "root". Though most users don't even know it exists, hence it should have been taken care of by Apple.

No, not always. I just mean that sudo is a (very very popular) hack.

I really can't respond to you unless you explain your reasoning…