Sudo-rs enables pwfeedback by default for Resolute Raccoon (opens in new tab)

(discourse.ubuntu.com)

3 pointstimhh26d ago3 comments

3 comments

Shoulder surfing for passwords is a tiny concern compared to how much these measures hurt ux. I am happy that the current trend is now to also let the user toggle off the * to see what you actually typed.

I don't know if these were added but to match security of other graphical password fields after submitting the password the terminal should clear the starts and while the password is being inputted it should protect the window so it can not be screen recorded.

croes24d ago

With modern technology you don’t actually need to be behind the shoulder to see that information, so that is less security for some convenience.

I don’t think we can afford less security

timhhOP26d ago

I recently started using Linux again, and decided to try and fix some of its more ancient and silly UX paper cuts. This is my first success!

My attempt to fix the annoying and unnecessary 2 second delay when you mistype your password is going rather less well: https://github.com/linux-pam/linux-pam/pull/789

Does anyone want to rewrite PAM in Rust? :D

j / k navigate · click thread line to collapse