Comment 3 for bug 1600389

I suppose I should add another caution that regardless of the setting of the "automatic login" setting on user accounts, it's possible that anyone that can interact with the computer during early boot can use e.g. "init=/bin/sh" at the kernel command line to boot into an environment without any passwords, which can then be used to change nearly everything on the system.

If you wish to keep your data private, a simple screen lock and login passwords are not sufficient; full disk encryption or per-user encrypted mounts (eCryptfs) are required.