Ubuntu 26.04 Breaks Tradition: sudo Now Shows Asterisks for Passwords by Default

In a move that’s sending shockwaves through the Linux community, Ubuntu 26.04 has quietly introduced a controversial change to the sudo command that’s challenging decades of security conventions. The latest development builds of Ubuntu are now displaying asterisk characters as you type your password when prompted by sudo, marking a significant departure from the traditional approach of showing no feedback whatsoever.

This change, which stems from upstream modifications to sudo-rs, represents more than just a minor tweak—it’s a fundamental shift in how Linux handles password input in terminal environments. For years, the absence of any visual feedback during sudo password entry has been a hallmark of Linux security philosophy, designed to prevent shoulder-surfers and screen-catchers from gleaning password length information.

The UX vs. Security Debate

The controversy centers on a classic tension between user experience and security. The sudo-rs developers have made a calculated decision to prioritize what they perceive as a major usability improvement over a marginal security benefit. Their argument is straightforward: new users coming to Linux from other operating systems often find the complete lack of feedback confusing and intimidating. When you type nothing and press Enter, only to be told your password was incorrect, it can create unnecessary friction in what should be a straightforward process.

The upstream commit that introduced this change explicitly acknowledges the security trade-off. By enabling “pwfeedback” by default, sudo-rs is exposing password lengths to anyone watching your screen—a vulnerability that has been deliberately avoided for decades. However, the developers argue that this theoretical security improvement is “infinitesimal” compared to the practical UX benefits.

Breaking Decades of Convention

The traditional approach of showing no feedback whatsoever has been a cornerstone of Linux terminal security since the early days of Unix. The philosophy was simple: if an attacker can’t see how many characters you’re typing, they have significantly less information to work with when attempting to guess or brute-force your password. This convention extended beyond sudo to virtually all password prompts in terminal environments.

What makes this change particularly noteworthy is that it represents a break from not just Linux tradition, but Unix tradition more broadly. The no-feedback approach has been consistent across virtually all Unix-like systems for decades, making sudo-rs’s decision a significant cultural shift within the Linux ecosystem.

Community Backlash and Developer Response

The reaction from the Linux community has been decidedly mixed, with many long-time users expressing frustration and concern. The change was initially raised as a bug report in October, with the reporter requesting that pwfeedback be enabled by default “to make sane modern UX decisions.” However, what some saw as a sensible UX improvement, others viewed as a dangerous departure from established security practices.

The controversy intensified when Ubuntu development builds began shipping with this behavior enabled by default. One particularly vocal critic filed a bug report with Ubuntu, expressing disbelief at the change: “Before this upgrade, as expected, typing a password in a terminal echos NOTHING. After this upgrade, I get STARS ECHOED. WHY?! This goes against DECADES of NOT ECHOING THE LENGTH OF THE PASSWORD TO SHOULDER SURFERS.”

The Ubuntu bug report was ultimately marked as “Won’t Fix,” indicating that the distribution intends to ship with this behavior as the default. This decision effectively means that users who prefer the traditional behavior will need to explicitly disable pwfeedback in their sudo configuration.

The Technical Implementation

From a technical perspective, the change is relatively straightforward. The sudo-rs project has modified its default configuration to include the “pwfeedback” option, which causes asterisk characters to be displayed as each key is pressed during password entry. Users who wish to maintain the traditional behavior can add “Defaults !pwfeedback” to their sudoers configuration, though this requires administrative access and a willingness to modify system configuration.

The developers have positioned this as a user empowerment issue, noting that it’s still possible to disable the asterisks if desired. However, critics argue that this places the burden on users who prefer the traditional behavior, rather than maintaining the status quo and allowing those who want feedback to explicitly enable it.

Broader Implications for Linux Security

This change raises broader questions about the evolution of Linux security practices. As Linux becomes more mainstream and attracts users from other operating systems, there’s an ongoing tension between maintaining traditional security philosophies and adapting to user expectations shaped by more consumer-friendly environments.

The sudo-rs developers’ argument that “outside of sudo/login no other password entry interfaces omit asterisks” highlights this tension. Modern operating systems, including Windows and macOS, have long provided visual feedback during password entry, and many users have come to expect this behavior as a standard part of the authentication process.

What This Means for Users

For most users, this change will likely go unnoticed or be welcomed as a sensible improvement. The visual feedback during password entry is intuitive and reduces the cognitive load during what can be a stressful moment of authentication. However, for security-conscious users, system administrators, and those working in environments where shoulder-surfing is a genuine concern, this change represents a step backward.

Users who wish to maintain the traditional behavior have a few options. They can modify their sudoers configuration to explicitly disable pwfeedback, though this requires administrative privileges. Alternatively, they might consider using alternative sudo implementations that maintain the traditional behavior, though this could introduce compatibility issues with system packages that expect the standard sudo behavior.

Looking Forward

As Ubuntu 26.04 approaches its final release, this controversy highlights the ongoing evolution of Linux as it balances tradition with modernization. The decision to enable password feedback by default represents a significant philosophical shift, one that prioritizes immediate usability over theoretical security benefits.

Whether this change will be viewed as a sensible modernization or a dangerous precedent remains to be seen. What’s clear is that it has sparked an important conversation about how Linux should evolve to meet the needs of both new users and security-conscious veterans. As the Linux desktop continues to mature and attract a broader user base, these kinds of trade-offs between usability and security will likely become increasingly common.

The sudo-rs developers have made their choice, and Ubuntu has followed suit. Now it’s up to the broader community to decide whether this is a change worth embracing or one worth pushing back against. One thing is certain: the Linux terminal will never quite feel the same when you’re typing your sudo password.

Tags and Viral Phrases:

sudo-rs password feedback controversy, Ubuntu 26.04 breaking tradition, Linux security vs UX debate, shoulder surfing protection removed, asterisk password display, terminal password feedback, sudo default behavior change, Linux modernization controversy, user experience over security, decades of Unix convention broken, pwfeedback enabled by default, Ubuntu development builds controversy, sudo-rs commits, password length exposure, Linux community backlash, Won’t Fix bug report, traditional vs modern Linux, terminal authentication changes, security-conscious users concerned, sudoers configuration modification, Linux desktop evolution, user empowerment debate, theoretical vs practical security, Unix tradition challenged, password entry visual feedback, Ubuntu 26.04 development builds, sudo-rs default configuration, shoulder surfer vulnerability, Linux accessibility improvements, terminal security philosophy, password masking debate, user-friendly Linux changes, security purists vs newcomers, Linux authentication evolution, sudo implementation changes, password feedback UX improvement, Linux security trade-offs, terminal user experience, Ubuntu breaking conventions, sudo-rs development decisions, password entry confusion solved, Linux usability modernization, security by obscurity debate, terminal password masking, Linux community divided, sudo behavior modification, password length information exposure, traditional Linux security practices, modern Linux user expectations, terminal interface evolution, sudo-rs upstream changes, Linux accessibility vs security, password authentication feedback, Ubuntu 26.04 controversial changes, Linux terminal conventions, sudo implementation philosophy, password entry user experience, security-conscious Linux users, Linux desktop maturity, terminal interface modernization, sudo-rs project decisions, password masking tradition, Linux user base expansion, terminal authentication standards, sudo configuration changes, Linux security philosophy evolution, user-friendly system administration, terminal password entry, Ubuntu development controversy, Linux community reaction, sudo-rs commit history, password feedback implementation, Linux security best practices, terminal user interface changes, sudo behavior expectations, Linux tradition vs innovation, password authentication methods, Ubuntu distribution decisions, Linux accessibility features, terminal security measures, sudo-rs project philosophy, Linux user experience improvements, password entry conventions, Unix-like system changes, Linux desktop adoption, terminal interface design, sudo implementation details, Linux security community, Ubuntu release cycle, password authentication UX, Linux system administration, terminal command line changes, sudo-rs project goals, Linux user onboarding, terminal security features, Ubuntu development process, Linux community standards, password entry feedback, sudo-rs development team, Linux security evolution, terminal interface usability, Ubuntu distribution philosophy, Linux accessibility debate, sudo implementation details, Linux user expectations, terminal authentication experience, Ubuntu release planning, Linux security community concerns, sudo-rs project direction, Linux user experience research, terminal interface conventions, Ubuntu development decisions, Linux accessibility improvements, sudo-rs upstream development, Linux security trade-offs, terminal user interface design, Ubuntu distribution strategy, Linux community feedback, sudo implementation changes, Linux user experience research, terminal authentication standards, Ubuntu release timeline, Linux security philosophy, sudo-rs project management, Linux accessibility debate, terminal interface evolution, Ubuntu development cycle, Linux community standards, password entry conventions, Unix-like system changes, Linux desktop adoption, terminal interface design, sudo implementation details, Linux security community, Ubuntu release cycle, password authentication UX, Linux system administration, terminal command line changes, sudo-rs project goals, Linux user onboarding, terminal security features, Ubuntu development process, Linux community reaction, sudo-rs commit history, password feedback implementation, Linux security best practices, terminal user interface changes, sudo behavior expectations, Linux tradition vs innovation, password authentication methods, Ubuntu distribution decisions, Linux desktop maturity, terminal interface modernization, sudo-rs project decisions, password masking debate, Linux usability modernization, security purists vs newcomers, Linux authentication evolution, user-friendly Linux changes, terminal password masking, Linux community divided, sudo-rs default configuration, Ubuntu development builds controversy, pwfeedback enabled by default, traditional vs modern Linux, security-conscious users concerned, sudoers configuration modification, Linux security trade-offs, user-friendly system administration, password length information exposure, sudo behavior modification, Linux community backlash, Ubuntu 26.04 breaking tradition, sudo-rs password feedback controversy, Linux security vs UX debate, shoulder surfing protection removed, asterisk password display, terminal password feedback, sudo default behavior change, Linux modernization controversy, user experience over security, decades of Unix convention broken

,