Disabling login access to account, nologin,false or null?
 

which is better for security in order to disable login to an account, setting the shell to false, nologin or null?

is there any difference?

I assume that it's not a standard user account that you are wanting to block access to, since you could easily delete it or just do a 'usermod -L [username]' which will lock that account(-U will unlock it).

I believe that the best course of action would be to view /etc/passwd and see what other accounts of that same type are set as and mimic that configuration.

Using the -L/-U option, you will be able to see that the account is locked by looking at /etc/shadow. There will be an "!" in front of the password hash for the account if it's locked.

yes I know how to lock an account, I guess what I am really asking is what the difference is functionally between the 3.

ie is there a way an attacker could get around one or something like that?