Terms of Use For FixedByVonnie

By proceeding to access fixedByVonnie.com, you expressly acknowledge, and agree to, all of the following:

fixedByVonnie.com is a personal website and blog owned by Security Plus Pro LLC, which is being presented for informational purposes only. The views on this website are solely those of the website owner (and not those of any employer or of any professional associations affiliated with the website owner).  Any views expressed in this website and any information presented on this website, or in any of its blog entries, should not be relied on for any purpose whatsoever other than as the personal opinions of the website owner.  The website owner expressly disclaims any and all liability for any information presented on this site.  The owner of this website and its blog posts shall not be held liable, and shall be held harmless, for any errors or omissions in any information or representations contained in this website, or in any of its blog entries.  The website owner also expressly disclaims any liability for the current or future availability of any such information. The website owner makes no representations as to the accuracy or completeness of any information on this website or which may be found by following any link on this website. The website owner shall not be held liable for any losses, injuries, damages, claims, or causes of action, from the display or use of any information on this website or in any of its blog entries. If you use the information on this website, or on any of its blog entries, you do so solely at your own risk.

How to make password asterisks visible in Linux - fixedByVonnie

How to make password asterisks visible in Linux

Coming from a Windows world, Linux is an entirely different beast.

  • Everything is a file
  • Files don’t have extensions.
  • And I promise you: the vi text editor is more recondite than Albert Einstein’s mind.

All this stuff just makes learning Linux a positively daunting enterprise.  And it’s part of the reason why Linux is beloved by rarefied geeks who dream in binary and speak in code.

But it doesn’t have to be that way!  Linux is really easy if you slow down and forget about the wonky world of Windows.  Once you get the hang of it, the operating system is very coherent and is actually a joy to use.  In this guide, I want you to partake of that joy.

One of the interesting security features in Linux, is that it doesn’t give you any visual clue that you’re typing text into a password box.  In Windows you see a little dot, or bullet (sometimes an asterisk) but in Linux you don’t see anything.  The line is blank and stays blank as you type.

Linux Password is empty, no feedback

In the above graphic, you can see I’m trying to create a folder called ohYeah and then change into that directory.

I entered over a dozen characters at the password prompt yet the password line is still blank and it appears that the cursor hasn’t moved.

What gives?

This is actually a great security feature because it makes it harder for shoulder surfers to count password characters.  It’s harder to guess the length of your password.  Obviously, this isn’t a foolproof technique because someone can count keystrokes or just look at your keyboard, but at least it obfuscates the password enough to ward off people looking at your screen.

But security always comes at a cost and usually that cost is convenience.

Have you ever wondered if there was a way to make Linux echo password asterisks as you type a password?  Is there a file or something you can edit?


Linux is an extremely malleable operating system and so it’s no surprise it can flex to make asterisks appear.

Type this command into the console:

sudo visudo

Before we go on let me explain what this ostensibly redundant command does:

That first bit, sudo, means to switch user and then do something.

We are basically telling Linux to run a program called visudo with the privileges of another user.  The visudo program edits a special file called sudoers which just defines which users can run which commands on the system.  We’re going to add a parameter to sudoers that tells Linux to always print stars at password prompts.

Incidentally, visudo is different than the vi text editor because it protects the sudoers file against concurrent writes.  In other words, it precludes the possibility of multiple users editing sudoers at the same time; thus, it’s the recommended (and safest) way to edit the sudoers file.

After typing sudo visudo, enter your root password and then type the forward slash key (usually on the question mark key) and type:


This is a quick way to search a file.

Forward slash + search string.

You can keep pressing the n key on your keyboard to search for the next instance of the search string.  We want to find the line that looks like this:

Defaults                   env_reset

Edit env_reset

Alright now we need to edit the file.

Right now we’re in a read-only view mode so to change into the editing mode we press the A key to add text to the end of the line.

Note the “A” must be capitalized or else it will append text after the cursor rather than the line.

Now just type this:


Adding pwfeedback via visudoer file

You may notice that the command starts with a comma.  That’s pretty important. We’re basically telling Linux to display password feedback by default.

Okay, so we did it.  To save the file we need to press the escape key so we can get out of editing mode.

Then we press Shift + ZZ to exit and save.

Linux password feedback

Ain’t that nice.


Connect with Vonnie on Twitter

Posted in Linux Tagged with: