Hi, thanks for taking the time to try Endless and additionally stepping in to provide feedback!
This functionality can be disabled via a terminal command if you wish:
From the perspective of someone with plentiful technical experience like yourself, this may indeed seem like a weird misfeature. But to at least share some of the background here:
Endless’s underlying mission is to solve the barriers that prevent equal access to technology & education. We’ve spent years working with students and families who have never had a PC before, but now they have their first PC - running Endless OS. This is at the heart of what we do. Making software for such target users brings plenty of interesting challenges and considerations that are surprising to us who have a significantly greater amount of PC usage experience.
And this is one such case. The most common support requests from this type of user is “I lost my password”. And I’m not just referring to a handful of support tickets. Over the years, this has formed the overwhelming majority of support requests that we have received. Even when we took steps such as making the default be a passwordless user account, and requiring the user to set a password hint along with their password, there was barely any change to this reality. Anyway, this password reset system has emerged from years of practical experience in that area.
It’s far from ideal of course, and we have alternative ideas to explore, but anyway, that is how we got to where we are today.