If you have lost your admin account password then you have to reset it. This can be done with several easy steps if you have physical access to the machine.
This is not considered as a "flaw" - because if you have physical access to the machine you can do a lot more than changing the admin pass. You can also disable this option if you want more security and encrypt your disk.
Solution reset password with GRUB
At start up of the OS press SHIFT
(if you have only Ubuntu on your machine)
If you have a more than one OS - the boot menu should appear directly - no need of SHIFT.
Select recovery mode for the latest kernel version (From the boot menu)
Go to root shell prompt - by pressing ᛎ to navigate to that option and press Enter to select it.
Reset the password by:
passwd << username >>
where << username >> is the account you want to reset, for example:
- in case of forgotten account type:
This will list all accounts on your machine.
- Set a new password - just type the password and press Enter. Retype the password for confirmation and again press Enter.
Note - while typing the new password nothing will change on the console.
- Return to the recovery menu by typing: