Why does a failed Linux login take so long? [duplicate]
Possible Duplicate:
Why would an incorrect password attempt take a lot longer to process than a correct one?
When you get the correct login credentials, you are logged in immediately. When you get your password wrong, there's a second delay before you're notified and able to try again.
Is this a prevention against cracking, or is there something else going on behind the scenes?
Solution 1:
It is a prevention against cracking. It is a forced delay, usually about 2 or 3 seconds, before a new login prompt is issued. This helps prevent automated attacks by making the iteration too long to be practical.
On Linux, it can be configured in the /etc/login.defs file.
# Delay in seconds before being allowed another attempt after a login failure.
FAIL_DELAY 3
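A configuration audit for the setting described above, as an added example that is not part of the original answer. It goes beyond the answer by also reading the PAM stack: `pam_faildelay.so delay=N` (microseconds) and the `pam_unix.so` `nodelay` option. The sample inputs are constructed, and the 2-second `minimum` is an assumed policy floor.

```python
# Constructed sample inputs (not taken from a real host).
SAMPLE_LOGIN_DEFS = """\
# Delay in seconds before being allowed another attempt after a login failure.
FAIL_DELAY 3
"""
SAMPLE_PAM = """\
auth  optional  pam_faildelay.so  delay=500000
auth  [success=1 default=ignore]  pam_unix.so nullok nodelay
"""


def login_defs_fail_delay(text):
    """Return FAIL_DELAY (seconds) from login.defs text, or None if not set."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "FAIL_DELAY" and fields[1].isdigit():
            return int(fields[1])
    return None


def module_args(pam_text, module):
    """Yield the argument list of each non-comment PAM line that loads `module`."""
    for line in pam_text.splitlines():
        tokens = line.split("#", 1)[0].split()
        for i, tok in enumerate(tokens):
            if tok.rsplit("/", 1)[-1] == module:
                yield tokens[i + 1:]


def audit_fail_delay(login_defs, pam_text, minimum=2.0):
    """Report configured failure delays; `minimum` is an assumed policy floor."""
    report = {"login_defs_seconds": login_defs_fail_delay(login_defs),
              "pam_faildelay_seconds": None, "findings": []}
    for args in module_args(pam_text, "pam_faildelay.so"):
        micro = [a[6:] for a in args if a.startswith("delay=") and a[6:].isdigit()]
        # delay=N is in microseconds; without it the module uses FAIL_DELAY.
        report["pam_faildelay_seconds"] = (
            int(micro[0]) / 1_000_000 if micro else report["login_defs_seconds"])
    if any("nodelay" in args for args in module_args(pam_text, "pam_unix.so")):
        report["findings"].append("pam_unix nodelay: module requests no failure delay")
    for key in ("login_defs_seconds", "pam_faildelay_seconds"):
        value = report[key]
        if value is not None and value < minimum:
            report["findings"].append(f"{key} = {value:g} is below {minimum:g}")
    if report["login_defs_seconds"] is None and report["pam_faildelay_seconds"] is None:
        report["findings"].append("no failure delay configured")
    return report
```

On a real host, pass the contents of /etc/login.defs and the relevant PAM service file (for example /etc/pam.d/login) as the two arguments.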
Solution 2:
The main reason is, like you said, to stop automated attacks. It just slows down a potential "bad guy" if he can only try ten passwords a minute instead of a hundred.
You'll also notice that the shell completely restarts after 3 or 4 failed attempts. I think this is to detach or kill any attached processes which could be malicious.
Solution 3:
I guess it's a form of "Tarpitting" where the server delays incoming connections for as long as possible.