Generate a password hash
# grub-mkpasswd-pbkdf2Add user and password to grub
# vim /etc/grub.d/40_custom #!/bin/sh exec tail -n +3 $0 # This file provides an easy way to add custom menu entries. Simply type the # menu entries you want to add after this comment. Be careful not to change # the 'exec tail' line above. set superusers="abraxas" password_pbkdf2 abraxas grub.pbkdf2.sha512.10000.171D5F30959A0474C0C85E1912619FA0F059B1ADFDEBE2DF9311FEDF8F45953B159CCC0C4D5AF23A437D967AA492F37B950CEAAA2BAB4E595F1FC14DA.6FD77B05AB3A3055DA834F5AE54AAF9920A1227D1BBC64094E163D24FC25E5C9A8F9C850E90
# chmod +x /etc/grub.d/40_customUnrestricted boot
In case you only want password verification when user wants to edit the boot parameters.
On row 34 in /etc/grub.d/10_linux change the following line:
CLASS="--unrestricted --class gnu-linux --class gnu --class os"
# grub-mkconfig -o /boot/grub/grub.cfg
# update-grub