Passwords are annoying, we all know that, especially when you have to type them every few minutes on a test device at home that only you have access to. Fortunately, there are a few things you can do to make your life easier on Raspberry Pi while maintaining a minimum level of security. Let me explain.
For local access, the auto login feature on Raspberry Pi OS is the best option. Even if it’s possible to completely remove a password, it’s not recommended for obvious security reasons. Another solution is to set up SSH keys for remote access without a password.
I’ll cover these 3 methods in this article, but please don’t skip the first part about the security risks. Passwords are there for a reason, make sure you have taken this into consideration before moving forward.
If you’re looking to quickly progress on Raspberry Pi, you can check out my e-book here. It’s a 30-day challenge where you learn one new thing every day until you become a Raspberry Pi expert. The first third of the book teaches you the basics, but the following chapters include projects you can try on your own.
Security Warning: Understanding the Risks
I’ll tell you everything you can do to try to make your life easier and eventually remove the login step on your Raspberry Pi if it’s really what you want. But I have to start with a strong warning.
Passwords are there for a reason. Even at home or on a tiny network, you can have security breaches. Wi-Fi networks are still pretty easy to break and if you have no password, physical access to the device means instant unauthorized access.
If you have any personal or essential data on your Raspberry Pi, I wouldn’t completely remove the password. There are other things you can try (as we’ll discuss later).
It might be fine (and convenient) for a media center at home where you keep almost nothing on the device, but even in this case, try to keep remote access protected.
Also, make sure to disable administrator privileges (including “sudo”) for users that don’t require a password to open a session. It might be convenient to watch a movie or play a game without having to type a password, but you can type it when you do system updates or install new things.
Anyway, now we’ve got that out of the way, let’s see what you can do to remove the password or simply speed up the login stage.
Setting Up Auto Login on Raspberry Pi
The auto login feature will, as the name suggests, automatically open a session on your Raspberry Pi when the system boots. On Raspberry Pi OS (Desktop), it’s still enabled by default and skips the login stage.
Even with the security changes in the latest versions (no pi user, no default password, etc.), this is still the default configuration.
In terms of security, we keep the password enabled with this option, so remote access is still protected but physical access to the Raspberry Pi doesn’t require a password.
If it’s not enabled on your system, that’s one thing you can try. And by the way, it’s also possible to do this on a Lite edition of Raspberry Pi OS. I’ll show you how.
Manage Auto Login from the Desktop Environment
As mentioned earlier, auto login is currently enabled by default, but here is how to configure this if needed:
- In the main menu, go to Preferences, and open Raspberry Pi Configuration.
- In the window that shows up (first tab), you’ll see something like this:
It might be slightly different depending on your OS version, but it’s basically the same layout.
- Use the switch (or checkbox) to disable or enable auto login.
When the switch is on, or the checkbox is checked, the system will open the current session automatically on boot.
The system will still ask for your password for administrative tasks (package installation, system updates, etc.) or remote access, but not to open the session. So it’s not that bad, especially if nobody can access the Pi physically (or you trust them!).
Manage Auto Login from the Terminal
If needed, it’s also possible to change this option via raspi-config, the Raspberry Pi configuration tool using the command line.
And something that is less known is that auto login can also be enabled on a server, configuring Raspberry Pi OS (Lite) to automatically open a session even when no GUI (Graphical User Interface) is installed.
Here is how to do this:
- Start the Raspberry Pi configuration tool, available via this command:
- In Raspi-Config, go to “System Options”.
- Then select “Boot / Auto Login”:
- Finally, select the option you’re interested in:
Options 3 and 4 are only available if you have a desktop environment installed, working the same way as the previous method shown in the GUI.
Options 1 and 2 allow you to enable or disable auto login in the text console. If you enable it, your session will automatically open in the black terminal you use on Raspberry Pi OS Lite.
Are you a bit lost in the Linux command line? Check this article first for the most important commands to remember and a free downloadable cheat sheet so you can have the commands at your fingertips.
Using SSH Keys for Remote Access
Another way to bypass typing the password is to set up SSH keys for remote access. This is great when using a Raspberry Pi as a server, it keeps it protected while making the connection more convenient for us.
SSH keys are a safe method of authorizing your computer to access your Raspberry Pi by using a key (like a fingerprint if you prefer). It’s possible to configure SSH key authentication without having to type any password.
The process is a bit long to be included here and I already have a full guide about this, so I’ll give you the link, but basically, the main steps are:
- Generate SSH keys for the current user on your computer (public and private).
- Send the public key to the Raspberry Pi.
- Configure the Raspberry Pi to allow SSH access with this key.
- Configure the computer SSH client to use this key.
It really works like a fingerprint reader. Once the Raspberry Pi knows about this computer and user, access will be granted automatically.
You can find all the details to set this up in this article: How to Generate & Use SSH Keys on Raspberry Pi.
What’s great about this option is that we keep the password set. We can have auto login disabled and it’s even safer to use SSH keys instead of passwords (if your computer is safe obviously), and way more convenient.
Completely Disabling User Passwords
Finally, the last thing you can do if the previous solutions don’t suit you is to completely remove the password to your user account. It’s not recommended (for the security reasons mentioned earlier, but it’s possible).
Unlike the previous methods, it’s not an auto login, it’s not authorized access to a specific user or computer, it’s just that there is no login, so anybody can open your session and there is no password.
To remove the current password on any username on the system, open a terminal and use:
sudo passwd -d <username>
The next time you restart the Raspberry Pi or try to open a session for this user, you won’t be prompted for a password (or you can leave it blank if you use a GUI).
For your information, by default SSH access is not allowed for accounts without a password. And it’s probably better this way. It means that even if you remove the password for a user, SSH remote access is just impossible for this user (but I think VNC works without a password, so it’s not that safe anyway).
If you really want to allow SSH access without a password, you should consider the previous method with SSH keys. But if you’re OK with an empty password, you just need to add this line to your ssh config file (/etc/ssh/sshd_config):
PermitEmptyPasswords yesAnd restart the service:
sudo service ssh restart
I don’t have SSH keys set up, but I can now access my Pi without any password:
It’s really not a good idea, but as often, Linux lets you do whatever you want :-).
Reminder: Remember that all the members of my community get access to this website without ads, exclusive courses and much more. You can become part of this community for as little as $5 per month & get all the benefits immediately.
Additional Considerations and Questions
What about the sudo password?
If the current user has no password but is allowed to use sudo (bad idea), no password will be asked when using sudo, which is a major security risk.
I would highly recommend removing sudo permissions for any user who doesn’t have a password set (remove this user from the sudo group).
Use a different user for this (click on the link to know how to create a new user and switch to it).
How to re-enable passwords on Raspberry Pi?
If your goal was to disable the password temporarily, you can basically reverse what you just did by following the same steps:
- Disable auto-login via the Raspberry Pi Configuration tool or raspi-config.
- Set a new password with:
sudo passwd <username>
- Remove the SSH key from the allowed keys or change the server configuration.
If you’re looking to keep your system safe, I highly recommend reading this article:
17 Security Tips To Protect Your Raspberry Pi Like A Pro.
Not sure where to start?
Understand everything about the Raspberry Pi, stop searching for help all the time, and finally enjoy completing your projects.
Watch the Raspberry Pi Bootcamp course now.
Master your Raspberry Pi in 30 days
Don’t want the basic stuff only? If you are looking for the best tips to become an expert on Raspberry Pi, this book is for you. Learn useful Linux skills and practice multiple projects with step-by-step guides.
Download the e-book.
If you just want to hang out with me and other Raspberry Pi fans, you can also join the community. I share exclusive tutorials and behind-the-scenes content there. Premium members can also visit the website without ads.
More details here.
Need help building something with Python?
Create, understand, and improve any Python script for your Raspberry Pi.
Learn the essentials step-by-step without losing time understanding useless concepts.
Get the e-book now.
You can also find all my recommendations for tools and hardware on this page.