Linux.com: Enhance Boot-Time Security with GRUB Passwords

“The security of data files on your computer is at risk, and not
just because you are connected to the Internet. Anyone with
physical access to your machine can bypass all passwords to gain
entry to your hard disk with one simple command given to the
bootloader. Fortunately, the popular GRand Unified Bootloader
(GRUB) is equipped with security features to prevent such an
‘attack.’ It can password protect each entry of your boot menu.

“GRUB allows a user to boot into single-user mode from the GRUB
menu. Single-user mode is the first interactive runlevel in Linux
systems, where only one user–the root users–is allowed access.
You can boot into single-user mode without providing any
passwords–clearly a security threat…”