also, if you are using startx to start your X session and haven't put
Option "DontZap" "True"
in your XF86Config file, then someone could press CTRL ALT BACKSPACE to kill
your X session and be logged in as you at the console.
One advantage of using a graphical login is that they will be returned to the
graphical login prompt if they try that. I would recommend putting that option
into your XF86Config though.
XScreenSaver is a screen saver and a screen locker; XLock is only a
locker. XScreenSaver is modular and extensible; XLock is monolithic.
XScreenSaver has a secure and auditable design; XLock... doesn't. More
details can be found on the XScreenSaver versus XLock page.