Red Hat Bugzilla – Bug 61061
Always 5 asterisks for a password in User Manager
Last modified: 2008-05-01 11:38:01 EDT
I think it's wrong that passwords always show as 5 asterisks in the User Manager.
After all, it's only root that has access to view it, and even more root can
also change the password, so it wouldn't be a security issue. Instead one might
wonder if the password stored doesn't correspond with what you thought it would be.
I'm not opposed to changing the behavior if there is a better way. What would
you like the behavior to be?
Well I though it would be neat to show as many asterisks as there are letters
int the password.
Well, I can't do that. I'd like to, but I don't think there's a way. Since
most systems use shadow passwords, root can't tell what a user's password is.
Root can change a user's password, but root doesn't have a way to figure out
what the user's current password is (or even how many characters are in the
I agree that the current behavior isn't great, but I'll do some thinking about
how to change it for the better. It's too late to change it for the next
release of RHL, though.
I see. What about changing the caption to say "New password:" or "Change
password:" and leave the fields blank?. Or maybe even moving those fields to a
popup window, so that you would have to press a button saying "Change password"
in order to open the change password dialogue. But of course, that would make
the procedure slightly more awkward.
Having read that it's not so easy to do, I wouldn't mind if you dismissed this
I thought about adding a "Change Password" button, but like you said, it's a
little awkward. Bringing up a popup window at that point would give you three
open windows (the main window, the user properties window, and the change
password window), and that seems a bit ugly. Like I said, the current way isn't
great either, but it works. I'd hate to replace it with a new method that is
awkward, only in a different way.
I think I'll close this report now, but I will consider a better way to do this
for future versions. Thanks for your report.