How can I lower the delay after incorrectly entered login and sudo passwords?

In Ubuntu, to remove the delay for incorrect passwords in the terminal, edit the file common-auth found in the folder /etc/pam.d.

sudo nano /etc/pam.d/common-auth

Then add the string nodelay to the end of the line

auth    [success=1 default=ignore]      pam_unix.so nullok_secure

so that it says

auth    [success=1 default=ignore]      pam_unix.so nullok_secure nodelay

Then save the file with nano by pressing Ctrl+X, Y, Enter.

If you want to instead change the delay, first do the step above and remove the delay completely. Then add the following line to the same file before the line you altered above:

auth       optional     pam_faildelay.so  delay=500000

This will be the first uncommented line of the file. If you add this line after the first line you edited, then it won't work.

Now you can edit the delay value to whatever you want. I put a half second like you wanted.

If you want to lower the delay rather than disabling it altogether, edit /etc/pam.d/login:

sudoedit /etc/pam.d/login

Find the line that looks like:

auth       optional   pam_faildelay.so  delay=3000000

Change the number after delay= to a smaller value, as desired.
Note that the number is in microseconds, so 1000000 is 1 second.

Sources:

• How does one change the delay that occurs after entering an incorrect password?
• /etc/pam.d/login on my Ubuntu 16.04 LTS system.

To get your system to ignore the default password security delay add nodelay to the /etc/pam.d/common-auth file:

Change this line:

auth    [success=1 default=ignore]      pam_unix.so nullok_secure

To:

auth    [success=1 default=ignore]      pam_unix.so nullok_secure nodelay

Then reboot the system for it to take effect.

Note:

Formally done here /etc/login.defs but now handled by PAM in the /etc/pam.d by various configuration files.