3 January 2020

Default Root User Being Removed in Kali Linux 2020.1


Kali has so far shipped with “root” as its default user. That changes with the upcoming 2020.1 release: a new non-root user will be defined as the default user during Kali installation. The new version is planned for release at the end of January or beginning of February. Kali's default root user traces back to BackTrack.

The reason why Kali has historically used root as the default user is that most of the tools used in penetration testing require root-level access. However, this approach carried risks — if any tool or service contained vulnerabilities, an attacker could exploit them with root privileges already in place.

With version 2020.1, the Kali team decided to align with standard security practices used by other major Linux distributions. During fresh installations, users will now be prompted to create a standard user account, with root access available through sudo when required. The default credentials for live boot sessions will also change from root/toor to a standard user with sudo privileges.
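The script below is an added example, not code from the Kali project or from this article. It audits passwd, shadow and group-format files to tell the legacy layout (direct root login) from the sudo-based one described above. The account name `analyst`, the hash strings and the sample files are constructed, and the `sudo` group name is assumed from Debian convention.

```shell
#!/bin/sh
# Added example. Takes passwd/shadow/group-format files as arguments, so it
# can be pointed at copies. The "sudo" group name follows Debian convention.

# UID-0 accounts that can log in directly: interactive shell plus a shadow
# entry that is not locked ("!" or "*" prefix). An empty hash counts as usable.
direct_root_logins() {  # $1=passwd $2=shadow
    awk -F: '
        NR == FNR { hash[$1] = $2; next }
        $3 == 0 && $7 !~ /(nologin|false)$/ && ($1 in hash) && hash[$1] !~ /^[!*]/ { print $1 }
    ' "$2" "$1" | paste -sd, -
}

# Non-root accounts in the sudo group, as primary or supplementary members.
sudo_users() {  # $1=passwd $2=group
    awk -F: '
        NR == FNR { if ($1 == "sudo") { gid = $3; n = split($4, m, ","); for (i = 1; i <= n; i++) member[m[i]] = 1 }; next }
        $3 != 0 && (($1 in member) || (gid != "" && $4 == gid)) { print $1 }
    ' "$2" "$1" | paste -sd, -
}

audit_root_model() {  # $1=passwd $2=shadow $3=group
    roots=$(direct_root_logins "$1" "$2")
    admins=$(sudo_users "$1" "$3")
    if [ -n "$roots" ]; then echo "legacy: direct login as $roots"
    elif [ -n "$admins" ]; then echo "ok: root locked, sudo via $admins"
    else echo "warn: root locked and no sudo user"
    fi
}

# Constructed sample files; $2 is the hash field written for root in shadow.
make_sample() {  # $1=dir $2=root hash field
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
        'analyst:x:1000:1000:Analyst:/home/analyst:/bin/bash' \
        'www-data:x:33:33::/var/www:/usr/sbin/nologin' > "$1/passwd"
    printf '%s\n' "root:$2:18262:0:99999:7:::" \
        'analyst:$6$constructed$notarealhash:18262:0:99999:7:::' \
        'www-data:*:18262:0:99999:7:::' > "$1/shadow"
    printf '%s\n' 'root:x:0:' 'sudo:x:27:analyst' 'analyst:x:1000:' > "$1/group"
}

d=$(mktemp -d)
make_sample "$d" '$6$constructed$notarealhash'
audit_root_model "$d/passwd" "$d/shadow" "$d/group"   # legacy layout
make_sample "$d" '!'
audit_root_model "$d/passwd" "$d/shadow" "$d/group"   # sudo-based layout
rm -rf "$d"
```

Reading a real `/etc/shadow` requires root, so run the audit against copies or under sudo.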

This change reflects the evolving nature of penetration testing workflows, where most modern tools no longer strictly require a persistent root session. The Kali team noted that this change will bring Kali more in line with best practices without significantly affecting how experienced users work, while making the distribution safer and more accessible for newcomers to the field.
