Yet somehow, none of the other high security tools I have ever interacted with seem to do this for some reason. No auditor flags it. No security standard recommends hiding it.
replyBut SUDO is the one bastion where it is absolutely essential to not offer hiding keystrokes as an obscure config option, but enable for everyone and their mother?
Auditors are useless and only follow checklists. So that point is moot.
replyI guess people are a bit wary of such changes because they dumb down an established system, with more to come.
However as an Ubuntu user since 8.04, I've heard these arguments with every release. Ubuntu has always simplified some things and although sometimes controversial they were often right about UX.
And once you start adding these accessibility problems, people will respond by using weaker passwords.
reply> Because to hell with UX when it comes to security.
replyI don’t think you have any idea how wrong you are.