Linux

There needs to be some mechanism to recover your machine should this happen. It's not that much more difficult to do it on a windows machine either.

The truth of the matter is is if somebody has physical access to your machine it's not your machine anymore. They can pull out the hard drive and plug it into a machine that they have a password for and read from it if it's not encrypted. So on and so forth.

This is why encryption is important, but physical access to a device will always lead to bad things.

If an attacker has physical access then you're already screwed in most cases.

New to Linux so I’m sorry if I’m being ignorant, but it does seem crazy you can get access to a machine without the password.

This is always the case, no matter what OS you use, unless you use full-disk encryption. User credentials are all just data on a disk, so if someone has physical access to your machine, and your disk isn't encrypted, then they can access (and change) those credentials or any other data.

See also: https://ostechnix.com/reset-windows-password-with-linux-live-cd/

What’s even the point of having a password

As you say, preventing remote access is one, but also a password will slow someone down a bit, and stop low-knowledge adversaries entirely, possibly. Also you will at least know someone has messed with your machine if they change the password.

Really, though, there's nothing malicious someone can do to an unencrypted computer by changing the password that they couldn't do without changing the password (copy all your files, delete all your files, install malicious software). Except I guess annoying you by making you change your password back. 😆

Linux can do it to Windows machines too. If it’s not encrypted, USB drive is all it takes.

If it’s not encrypted, a live usb can read all the data on any machine anyway.

Account passwords have never had the purpose of protecting data from physical access - on Linux or any other operating system that I’m aware of. Physical access means an attacker can pull your drive and plug it into their computer, and no operating system can do anything to block access in that scenario, because the os on disk is not running.

You need disk encryption to protect your data. The trade off is that if you forget the encryption password, your data is unrecoverable by you. But that’s what password managers are for (or just writing it down and putting it in a safe).

I believe it's better not to pretend that an OS password is a secure protection of your data when physically access can just mean - I don't like that OS, I'm going to put on this OS instead, or indeed, I don't like this PC, I'm going to put your data in this PC instead.

Remember, most PCs can become someone else's PC just by plugging in the right USB key. In fact most Linux users will know that, having literally done this themselves.

Just as easy or easier on Windows since it has a GUI. If someone has physical access to your machine your basically screwed. Unless encrypted they could just pop the drive out and put it in another machine also. Also what is more likely for the average user someone comes in and tries to hack your password physically or something gets into your machine and someone tries remotely.

Unix was originally a networked system that many terminals would connect to. Being able to actually reach the machine meant that you had authority.

It's the same today. If someone has physical access, the system is so screwed that you can just give total privileges anyways.

I quess if you really want to secure your device you shloud use encryption to encrypt your data and/or make something that wipes all your data in case someone tries to log into your device but that's only when you have something really important to hide.

If somebody had physical access to a machine, they can get into it. If you want your data secured l, use encryption as others have suggested.