I see a lot of recommendations about disabling password logons and such. I wonder exactly what attack is being prevented. If my root pwd is 20 random characters, I fail to see how that can be brute forced. Is there some other feasible attack I am missing?
note: This is a personal box. Not a work production machine.
[link] [comments]