When comparing XSecureLock vs XScreenSaver, the Slant community recommends XScreenSaver for most people. In the question“What are the best screen-savers / screen lockers for UNIX-like systems?” XScreenSaver is ranked 1st while XSecureLock is ranked 4th.
Ranked in these QuestionsQuestion Ranking
Pros
Pro Created by Google with security in mind
- Authentication and screen saving in separate processes so that crash of these processes will not unlock the screen.
- The main process is kept minimal for easy auditing.
- The main process regularly refreshes the screen grabs (just in case).
- The main process regularly brings its window to the front, to avoid leaking notifications.
- The main process resizes its window to the size of the root window, avoid leaking information by attaching a secondary display.
- The main processes uses only a single buffer - to hold a single keystroke. Therefore it is impossible to exploit a buffer overrun in the main process by e.g. an overlong password entry.
- The only exit condition of the program is the Authentication Module returning with exit status zero, on which xsecurelock itself will return with status zero; therefore especially paranoid users might want to run it as sh -c "xsecurelock ... || kill -9 -1" :)
Pro Many options to choose from
Pro Also works with xfce screensaver
...although it will make your multiscreen return to mirrors screens afterwards.
Pro Has a good security model
Runs as a daemon with non-root display modes.... See here.
Cons
Con Cannot auto-lock after a certain time
By itself it doesn't support locking the screen after a certain duration of inactivity. See here.
Con Complex installation
Need to compile from sources for most distro and to also manually call it to lock the screen. See here.
Con Bad security design
Xscreensaver does not grab the keyboard immediately and in all cases. It also does not blank the screen immediately after an unsuspend. This means that a) you might post your password in a chat if you had it focused before the screen lcoked, b) anyone can see your screen if they just open your machine.