How can I lower the delay after incorrectly entered login and sudo passwords?
In Ubuntu, to remove the delay for incorrect passwords in the terminal, edit the file common-auth
found in the folder /etc/pam.d
.
sudo nano /etc/pam.d/common-auth
Then add the string nodelay
to the end of the line
auth [success=1 default=ignore] pam_unix.so nullok_secure
so that it says
auth [success=1 default=ignore] pam_unix.so nullok_secure nodelay
Then save the file with nano by pressing Ctrl+X, Y, Enter.
If you want to instead change the delay, first do the step above and remove the delay completely. Then add the following line to the same file before the line you altered above:
auth optional pam_faildelay.so delay=500000
This will be the first uncommented line of the file. If you add this line after the first line you edited, then it won't work.
Now you can edit the delay value to whatever you want. I put a half second like you wanted.
If you want to lower the delay rather than disabling it altogether, edit /etc/pam.d/login
:
sudoedit /etc/pam.d/login
Find the line that looks like:
auth optional pam_faildelay.so delay=3000000
Change the number after delay=
to a smaller value, as desired.
Note that the number is in microseconds, so 1000000 is 1 second.
Sources:
- How does one change the delay that occurs after entering an incorrect password?
-
/etc/pam.d/login
on my Ubuntu 16.04 LTS system.
To get your system to ignore the default password security delay add nodelay
to the /etc/pam.d/common-auth
file:
Change this line:
auth [success=1 default=ignore] pam_unix.so nullok_secure
To:
auth [success=1 default=ignore] pam_unix.so nullok_secure nodelay
Then reboot the system for it to take effect.
Note:
Formally done here /etc/login.defs
but now handled by PAM in the /etc/pam.d
by various configuration files.