Ubuntu 26.04 LTS will break a 46-year Unix tradition by showing asterisks when users type their sudo password, a change aimed at improving user experience despite minor security trade-offs. The decision, implemented via the Rust-based sudo-rs rewrite, has sparked significant debate within the Linux community. This represents a notable shift in default terminal behavior that affects millions of users.
Background
For over 40 years, Unix and Linux systems have shown no visual feedback when typing sudo passwords to prevent shoulder surfing by hiding password length. This has been a standard security practice since the early days of Unix.
- Source
- Lobsters
- Published
- Mar 22, 2026 at 02:05 PM
- Score
- 6.0 / 10