sudo is probably the most famous command in the Linux world. It allows ordinary users to run other commands or programs using the superuser privileges, which will allow them to do system-wide changes or modifications that they weren’t able to do with their ordinary user privileges.
The Current Situation
By default on all Linux distributions, when you run the
sudo command, you’ll need to enter the superuser password just like below:
One thing to be noticed from the picture above is that the password is hidden. When users write anything at that time, nothing will be displayed on the screen, not even asterisks. They’ll have to trust that there’s something written in the terminal and just write their passwords and hit Enter.
Historically, this is done for both ease of implementation and security reasons. It makes it difficult for people standing near your shoulder from knowing your password length. If they don’t know your password length, it would be harder for them to guess it. They can, of course, listen to the keystrokes you are hitting and try to guess how many characters did you hit? But that’s more difficult than just looking at the screen and counting the number of asterisks there.
Also, when they see that your password is too long, they might not even try to use your computer and guess your password. But if your password is less than few characters, it will give them hope.
Additionally, in terms of implementation, displaying an asterisk instead of the password character requires more code and work to do. In the terminal, when you write normal commands and you see them in the terminal, it’s because the “echo mode” is set to
On, meaning that all characters will be displayed on your screen. In sensitive commands, however, such as
passwd, “echo mode” is set to
Off, which simply doesn’t take the extra step of printing those characters to the screen. So that’s less work and code to do, and it went on like that since the Unix days to simply hide the password characters.
From a user experience perspective, and talking about the new users of Linux distributions, and very non-techy people who might need to use the
sudo command, the current way this is done doesn’t give them any explanation or hint about why the keys that they are hitting aren’t displayed in the screen when they write their passwords. They would think that there’s an issue in the system or their keyboards, because no visual feedback is given.
Of course, as people who use Linux or other Unix-like systems for years, this is a trivial thing for us. But for new people, and ordinary teachers, doctors, your grandpa or my aunt, this is a very bad user experience. Users do expect to get feedback on the screen when they hit keyboard keys, which isn’t being done here.
A workaround would be to run
sudo visudo command, and then changing the
Defaults env_reset line to
Defaults env_reset, pwfeedback, and then saving the file and exiting:
From now on,
sudo will display asterisks when you enter your passwords:
Major Linux distributions should take this issue into consideration and try to fix it. There are two approaches that we see as feasible:
- Just like the above, make
sudodisplay asterisks when you enter your password. But that will take away the little advantage of people not knowing the length of your password. Whether this advantage is actually needed or not in real world is open to discussion.
- Display a text message whenever the
sudocommand is called that explains what’s happening and why the characters aren’t being displayed. A normal
sudouse case then would be:
mhsabbagh@potatopc:~$ sudo synaptic Note: Keys you write now are not going to be displayed on the screen for security reasons, but the system does receive them. [sudo] password for mhsabbagh:
In that way, the terminal would still not display the password characters as they are being entered, but first-users will realize and understand that what they are writing is actually there, not that there’s an issue or a problem in their keyboard.
We have seen so far why is this an issue, how to workaround it and what are the possible permanent solutions for it. If you are a member of any major Linux distribution community, it would be a good idea to discuss this topic with your distribution’s developers and see what they think about it.
In the meantime, we would like to know about your opinions in the comments below.