Why is the password I entered not visible?

What's the simplest way of hiding user input?

Not displaying it!

Hiding passwords when they're being typed is an old tradition. In makes sense from a security perspective in most contexts: if someone is looking over your shoulders, you don't want to make it easy to see what you're typing. (Some modern security guidelines e.g. 1 2 3 4 5 do recommend having an option to make the password visible though, because that allows the user to be able to choose more complex passwords and have confidence that they won't be spending their time fixing unseen typos. The biggest risk isn't shoulder surfing, it's brute force guessing, possibly offline.)

Having decided that the password should be hidden, the implementers had to decide how to do it. The terminal has a mode where user input is shown (echo on), and a mode where user input is not shown (echo off). The echo off mode has intrinsic existence in a way: that's the mode where the terminal doesn't do the extra work of echoing user input. This mode also has to exist for applications where typing a key doesn't insert that character, but instead invokes some application shortcut that is bound to that key. So commands like passwd just set the terminal to echo off mode while they're reading a password.

Printing asterisks for each character would require extra implementation work for only a relatively small benefit, which the implementers of the passwd command haven't felt like doing. There's no terminal mode for printing asterisks because it would be a very specialized feature, useful only when entering passwords.

By the way, if you want to see your password when changing it, you can use cat | passwd (at least on some systems — some versions of passwd require an option like cat | passwd --stdin and some don't accept this at all). (You can even do { echo 'current password'; echo 'new password'; echo 'new password'; } | passwd, but don't do that: it would save the passwords in the shell history, from which there's a lot more risk of leaking.) Arranging for that with commands that read the password from the terminal rather than whatever is their standard input, such as sudo or ssh, is more complex; if you have a GUI available, you can use ssh-askpass which does show how many characters you've typed (SUDO_ASKPASS=/usr/bin/ssh-askpass sudo -A for sudo; for ssh it's complicated when you invoke it from a terminal).


Because that's the way we do things in *nix land. :) It gives a little bit of extra security by not displaying a bunch of asterisks. That way, someone who sees your screen can't see the length of your password.

But I must admit it is a little bit scary not getting any feedback when you're entering a password, especially if you've got a bad keyboard. So most GUI password dialog on *nix systems do give you some kind of feedback, e.g. using asterisks, or more commonly ⬤. And some even display each character as you type it, but then immediately replace it with a * or ⬤, but that's not so good if someone may be looking over your shoulder. Or if they have a device that can pick up & decode the video signal being sent from your computer to your monitor.


Making the password invisible makes it more secure, as the length of the password cannot be seen by others. This avoids the risk of others trying to guess the password from its length and log in into your account.