Remove the “bad password” wait period in Ubuntu

Whenever you mistype a password Ubuntu will pause for two seconds before letting you try again. This is for a good reason, because hackers often try brute force techniques to guess the password.

This involves using a computer program to try millions of passwords until the right one is found. The two second delay when a bad password is supplied makes such an approach much more impractical.

However, if you - like me - sometimes seem to have one too many fingers and constantly mistype the password, you can reduce the delay to zero. This will mean that, upon a bad password being entered, you'll immediately be prompted to try again.

Start by opening the /etc/pam.d/common-auth password in Gedit by typing the following into a terminal window:

$ gksu gedit /etc/pam.d/common-auth

Then look for the line that reads auth requisite pam_unix.so nullok_secure, and add nodelay to the end, so it now reads auth requisite pam_unix.so nullok_secure nodelay. Then save the file and reboot the computer.

You should be able to test your change at the Ubuntu login prompt - deliberately try a bad password and see what happens. Note that this tip will reduce the bad password delay in all password entry situations, including when requesting sudo/gksu powers, and so on.

Tags: brute force,password,gedit

Related Articles