From 05eab7d0a4d223ec036c94cb14851fc461bfb439 Mon Sep 17 00:00:00 2001 From: Tim Hutt Date: Mon, 13 Oct 2025 09:15:19 +0100 Subject: [PATCH] Enable pwfeedback by default Change the default so that asterisks are shown when entering passwords. It is still possibly to disable the asterisks by explicitly turning `pwfeedback` off. This fixes a major UX pain point for new users. Security is theoretically worse since password lengths are exposed to people watching your screen, but this is an infinitesimal benefit far outweighed by the UX issue. Outside of sudo/login no other password entry interfaces omit asterisks (including others on Linux). Fixes #1300 --- docs/man/sudoers.5.man | 2 +- docs/man/sudoers.5.md | 2 +- src/defaults/mod.rs | 2 +- src/sudoers/policy.rs | 4 ++-- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/man/sudoers.5.man b/docs/man/sudoers.5.man index 49e226188..ad8c78684 100644 --- a/docs/man/sudoers.5.man +++ b/docs/man/sudoers.5.man @@ -769,7 +769,7 @@ When pwfeedback is set, sudo will provide visual feedback when the user presses a key. Note that this does have a security impact as an onlooker may be able to determine the length of the password being entered. -This flag is off by default. +This flag is on by default. .RE .IP \[bu] 2 rootpw diff --git a/docs/man/sudoers.5.md b/docs/man/sudoers.5.md index 569a4d47f..6740af4e0 100644 --- a/docs/man/sudoers.5.md +++ b/docs/man/sudoers.5.md 
@@ -386,7 +386,7 @@ sudo's behavior can be modified by Default_Entry lines, as explained earlier. A * pwfeedback - By default, sudo reads the password like most other Unix programs, by turning off echo until the user hits the return (or enter) key. Some users become confused by this as it appears to them that sudo has hung at this point. When pwfeedback is set, sudo will provide visual feedback when the user presses a key. Note that this does have a security impact as an onlooker may be able to determine the length of the password being entered. This flag is off by default. + By default, sudo reads the password like most other Unix programs, by turning off echo until the user hits the return (or enter) key. Some users become confused by this as it appears to them that sudo has hung at this point. When pwfeedback is set, sudo will provide visual feedback when the user presses a key. Note that this does have a security impact as an onlooker may be able to determine the length of the password being entered. This flag is on by default. * rootpw diff --git a/src/defaults/mod.rs b/src/defaults/mod.rs index 36fef87ad..475f114ed 100644 --- a/src/defaults/mod.rs +++ b/src/defaults/mod.rs @@ -39,7 +39,7 @@ defaults! { match_group_by_gid = false #ignored use_pty = true visiblepw = false #ignored - pwfeedback = false + pwfeedback = true rootpw = false targetpw = false noexec = false diff --git a/src/sudoers/policy.rs b/src/sudoers/policy.rs index c22d91540..09fe55b6d 100644 --- a/src/sudoers/policy.rs +++ b/src/sudoers/policy.rs @@ -194,7 +194,7 @@ mod test { allowed_attempts: 3, prior_validity: Duration::minutes(15), credential: AuthenticatingUser::InvokingUser, - pwfeedback: false, + pwfeedback: true, password_timeout: Some(Duration::seconds(300)), }, ); 
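Review bot: The flipped default `pwfeedback = true` in `defaults!` carries no comment recording that it is a deliberate security trade-off, so a later reader cannot tell it from an accident. A line above the entry such as `// on by default: shows an asterisk per keystroke, which reveals password length to anyone who can see the terminal; disable with "Defaults !pwfeedback"` would keep the reasoning next to the value. Because the new value applies to every install whose sudoers file never mentions the flag, behaviour changes silently on upgrade; this deserves a changelog entry, and deployments that care about shoulder-surfing or screen sharing should set `Defaults !pwfeedback` explicitly. The two documentation hunks (`sudoers.5.man`, `sudoers.5.md`) also leave the paragraph opening with "By default, sudo reads the password ... by turning off echo" while it now ends with "This flag is on by default", which contradicts itself. That opening sentence should describe echo-off as what happens when the flag is disabled.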
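Review bot: Both `policy.rs` hunks (`@@ -194,7` and `@@ -211,7`) only flip the expected `pwfeedback: false` to `pwfeedback: true` in existing assertions; neither adds a case that exercises the opt-out. With the default now on, `Defaults !pwfeedback` is the only way to get the length-hiding behaviour back, so it is the path most worth pinning. `mod test` extends beyond these hunks, so such a case may already exist; if not, add one that feeds a sudoers input containing `Defaults !pwfeedback` and asserts the resulting struct has `pwfeedback: false`.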
@@ -211,7 +211,7 @@ mod test {
 allowed_attempts: 3,
 prior_validity: Duration::minutes(15),
 credential: AuthenticatingUser::InvokingUser,
- pwfeedback: false,
+ pwfeedback: true,
 password_timeout: Some(Duration::seconds(300)),
 },
 );