Pulse of Truth

2343 readers

267 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago

MODERATORS

krogoth@infosec.pub

Ubuntu 26.04 Ends 46 Years of Silent sudo Passwords (pbxscience.com)

submitted 3 days ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub

12 comments fedilink hide all child comments

Comments

you are viewing a single comment's thread
view the rest of the comments

[–] sik0fewl@piefed.ca 7 points 3 days ago (2 children)

“Security is theoretically worse since password lengths are exposed to people watching your screen, but this is an infinitesimal benefit far outweighed by the UX issue.”

— SUDO-RS UPSTREAM COMMIT MESSAGE, ENABLING PWFEEDBACK BY DEFAULT

Do people actually struggle with this, UX-wise? I find that I mistype my password just as often whether or not it is silent or asterisks.

[–] TrickDacy@lemmy.world 11 points 3 days ago (1 children)

I have many times accidentally pressed a single key and then had to start over because I had no feedback to confirm it's only one accidental key press.

[–] Martineski@lemmy.dbzer0.com 9 points 3 days ago (2 children)

I also hold the backspace for a (relatively) stupid long amount of time when I do know I made a typo because of no feedback on that either. Lol

[–] rbos@lemmy.ca 5 points 3 days ago

Ctrl-U clears the line.

[–] TrickDacy@lemmy.world 2 points 3 days ago

Yep. I either do that or Ctrl-C and run the command again. I think many of those will be avoidable with feedback

[–] Flipper@feddit.org 5 points 2 days ago (1 children)

The first time i came across a sudo prompt i thought i didnt work. Yes. I think its bad for new comers.

[–] sik0fewl@piefed.ca 1 points 2 days ago

Ha. Didn’t even think of that. It definitely used to be a more common pattern.