There are several methods to protect the Grub in our favorite distribution. I particularly tried with this variant and with This other, but none worked for me. Maybe I was missing something and it is a shame, because when generating the passwords with Hash, the thing is more secure.
But anyway, I will show you one that did work wonders for me, and that asks me for username and password when I try to edit the Grub. The steps are simple:
1- We edit the file /etc/grub.d/00_header:
$ sudo nano /etc/grub.d/00_header
2- We add the following lines to the final:
cat << EOF
set superusers="elav"
password elav micontraseña
EOF
In my case, I chose my nickname as a superuser, but you can choose whatever you want. If we want, we can add more users, and it would look like this:
cat << EOF
set superusers="elav"
password elav micontraseña
password kzkggaara sucontraseña
EOF
We save and update the Grub.
sudo update-grub2
We reboot and when we try to edit the Grub with the key "and" It will ask us for username and password 