Skip to main content
Unix & Linux

Return to Question

Post Closed as "Not suitable for this site" by muru, ReflectYourCharacter, Andy Dalton, G-Man Says 'Reinstate Monica', Kamil Maciorowski
added 1 character in body
Source Link
terdon
terdon
  • 252.2k
  • 69
  • 480
  • 718

In Ubuntu (maybe other distros too) terminals it appears that password echoing gets enabled between failed password prompts revealing whatever is being typed (the password most probable). demo GIFdemo GIF

I encountered this issue where my password became visible in plaintext on the terminal when hitting enter by accident before starting typing the password.

Steps to Reproduce:

  1. Execute a command that requires a password e.g. sudo ls.
  2. When prompted for the password, hit Enter before typing anything, then immediately start typing the password.
  3. While the system validates the empty password, the keyboard input becomes visible revealing your password.
  4. By the time you hit enter again the system already rejected the empty password and successfully validates the new one leading to a correct execution.

Expected Behavior:

When prompted for password the system should disable input echoing until the password is correctly validated, all the attempts have failed, or the operation has been canceled.

In Ubuntu (maybe other distros too) terminals it appears that password echoing gets enabled between failed password prompts revealing whatever is being typed (the password most probable). demo GIF

I encountered this issue where my password became visible in plaintext on the terminal when hitting enter by accident before starting typing the password.

Steps to Reproduce:

  1. Execute a command that requires a password e.g. sudo ls.
  2. When prompted for the password, hit Enter before typing anything, then immediately start typing the password.
  3. While the system validates the empty password, the keyboard input becomes visible revealing your password.
  4. By the time you hit enter again the system already rejected the empty password and successfully validates the new one leading to a correct execution.

Expected Behavior:

When prompted for password the system should disable input echoing until the password is correctly validated, all the attempts have failed, or the operation has been canceled.

In Ubuntu (maybe other distros too) terminals it appears that password echoing gets enabled between failed password prompts revealing whatever is being typed (the password most probable). demo GIF

I encountered this issue where my password became visible in plaintext on the terminal when hitting enter by accident before starting typing the password.

Steps to Reproduce:

  1. Execute a command that requires a password e.g. sudo ls.
  2. When prompted for the password, hit Enter before typing anything, then immediately start typing the password.
  3. While the system validates the empty password, the keyboard input becomes visible revealing your password.
  4. By the time you hit enter again the system already rejected the empty password and successfully validates the new one leading to a correct execution.

Expected Behavior:

When prompted for password the system should disable input echoing until the password is correctly validated, all the attempts have failed, or the operation has been canceled.

added 14 characters in body
Source Link
Cristian Tatu
Cristian Tatu
  • 9
  • 1

In linuxUbuntu (maybe unixother distros too) terminals it appears that password echoing gets enabled between failed password prompts revealing whatever is being typed (the password most probable). demo GIF

I encountered this issue where my password became visible in plaintext on the terminal when hitting enter by accident before starting typing the password.

Steps to Reproduce:

  1. Execute a command that requires a password e.g. sudo ls.
  2. When prompted for the password, hit Enter before typing anything, then immediately start typing the password.
  3. While the system validates the empty password, the keyboard input becomes visible revealing your password.
  4. By the time you hit enter again the system already rejected the empty password and successfully validates the new one leading to a correct execution.

Expected Behavior:

When prompted for password the system should disable input echoing until the password is correctly validated, all the attempts have failed, or the operation has been canceled.

In linux (maybe unix) terminals it appears that password echoing gets enabled between failed password prompts revealing whatever is being typed (the password most probable). demo GIF

I encountered this issue where my password became visible in plaintext on the terminal when hitting enter by accident before starting typing the password.

Steps to Reproduce:

  1. Execute a command that requires a password e.g. sudo ls.
  2. When prompted for the password, hit Enter before typing anything, then immediately start typing the password.
  3. While the system validates the empty password, the keyboard input becomes visible revealing your password.
  4. By the time you hit enter again the system already rejected the empty password and successfully validates the new one leading to a correct execution.

Expected Behavior:

When prompted for password the system should disable input echoing until the password is correctly validated, all the attempts have failed, or the operation has been canceled.

In Ubuntu (maybe other distros too) terminals it appears that password echoing gets enabled between failed password prompts revealing whatever is being typed (the password most probable). demo GIF

I encountered this issue where my password became visible in plaintext on the terminal when hitting enter by accident before starting typing the password.

Steps to Reproduce:

  1. Execute a command that requires a password e.g. sudo ls.
  2. When prompted for the password, hit Enter before typing anything, then immediately start typing the password.
  3. While the system validates the empty password, the keyboard input becomes visible revealing your password.
  4. By the time you hit enter again the system already rejected the empty password and successfully validates the new one leading to a correct execution.

Expected Behavior:

When prompted for password the system should disable input echoing until the password is correctly validated, all the attempts have failed, or the operation has been canceled.

Source Link
Cristian Tatu
Cristian Tatu
  • 9
  • 1

Password revealed in terminal after empty password attempt

In linux (maybe unix) terminals it appears that password echoing gets enabled between failed password prompts revealing whatever is being typed (the password most probable). demo GIF

I encountered this issue where my password became visible in plaintext on the terminal when hitting enter by accident before starting typing the password.

Steps to Reproduce:

  1. Execute a command that requires a password e.g. sudo ls.
  2. When prompted for the password, hit Enter before typing anything, then immediately start typing the password.
  3. While the system validates the empty password, the keyboard input becomes visible revealing your password.
  4. By the time you hit enter again the system already rejected the empty password and successfully validates the new one leading to a correct execution.

Expected Behavior:

When prompted for password the system should disable input echoing until the password is correctly validated, all the attempts have failed, or the operation has been canceled.