Bug 61061 - Always 5 asterisks for a password in User Manager
Summary: Always 5 asterisks for a password in User Manager
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: redhat-config-users (Show other bugs)
(Show other bugs)
Version: 7.2
Hardware: i386 Linux
Target Milestone: ---
Assignee: Brent Fox
QA Contact:
Keywords: FutureFeature
Depends On:
TreeView+ depends on / blocked
Reported: 2002-03-12 22:07 UTC by Hakon
Modified: 2008-05-01 15:38 UTC (History)
0 users

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2002-03-13 10:49:01 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Hakon 2002-03-12 22:07:03 UTC
I think it's wrong that passwords always show as 5 asterisks in the User Manager.
After all, it's only root that has access to view it, and even more root can
also change the password, so it wouldn't be a security issue. Instead one might
wonder if the password stored doesn't correspond with what you thought it would be.

Comment 1 Brent Fox 2002-03-12 23:01:07 UTC
I'm not opposed to changing the behavior if there is a better way.  What would
you like the behavior to be?

Comment 2 Hakon 2002-03-12 23:28:58 UTC
Well I though it would be neat to show as many asterisks as there are letters
int the password.

Comment 3 Brent Fox 2002-03-13 03:39:38 UTC
Well, I can't do that.  I'd like to, but I don't think there's a way.  Since
most systems use shadow passwords, root can't tell what a user's password is. 
Root can change a user's password, but root doesn't have a way to figure out
what the user's current password is (or even how many characters are in the

I agree that the current behavior isn't great, but I'll do some thinking about
how to change it for the better.  It's too late to change it for the next
release of RHL, though.

Comment 4 Hakon 2002-03-13 10:48:57 UTC
I see. What about changing the caption to say "New password:" or "Change
password:" and leave the fields blank?. Or maybe even moving those fields to a
popup window, so that you would have to press a button saying "Change password"
in order to open the change password dialogue. But of course, that would make
the procedure slightly more awkward.
Having read that it's not so easy to do, I wouldn't mind if you dismissed this

Comment 5 Brent Fox 2002-03-13 15:23:06 UTC
I thought about adding a "Change Password" button, but like you said, it's a
little awkward.  Bringing up a popup window at that point would give you three
open windows (the main window, the user properties window, and the change
password window), and that seems a bit ugly.  Like I said, the current way isn't
great either, but it works.  I'd hate to replace it with a new method that is
awkward, only in a different way.  

I think I'll close this report now, but I will consider a better way to do this
for future versions.  Thanks for your report.

Note You need to log in before you can comment on or make changes to this bug.