Backup and re-install. If you don't have a password then this guy had root access and could have done anything.
Make sure you have a password that's not easy to guess on any account that has sudo access. This includes the first account. You can set your computer not to require your password to logon and only use it when you want to update and make changes if you wish but a password is essential if you want any security.
Personally I would require the password on start-up: that way you use it regularly so won't forget it when you really need it. If other people need to use your computer give them their own account without sudo privileges.
Remember physical access is root access so don't give your computer to anyone you don't trust.
Depending on your computer you may be able to set a BIOS password so that its required on every boot, or just to change boot order.
Finally you can prevent recovery console if you give root a password.
Bookmarks