I DO NOT use my ROOT account's password or I do not use ROOT at all (except for administrative tasks), could the ROOT's password be sniffed EVEN if its NOT in use most of the time? (In other words, IDLE). If ROOT account is left IDLE most of the time, will it be vulnerable for password attacks?
In other words, I change my password under my limited user account every 60-days. But, I dont change the ROOT's password because I do not use it ONLY for emergencies and stuff like that. My question is, will it be OK to just leave ROOT's password UNCHANGED and only change my user password every 60-days???
Hope this is clear.