bashlinuxpasswdUbuntu

Say you type in passwd and you enter in the wrong password. There's a noticeable delay between when it tells you that the password was bad and when you enter it. Any ideas as to why? Seems kinda strange…

Here's the message I'm getting when I enter in a bad password is as follows:

passwd: Authentication token manipulation error


Maybe it's attempting to protect against brute force attempts by reducing the speed with which new passwords can be tried?

Either way is there some discussion of this behavior somewhere? I don't see any note of it in the man page..

Yes, the delay is a protection against brute force, and is around 3 seconds.

The reason why it doesn't appear in the passwd man, is because it is controlled by the authentication backend - usually pam.

man pam_unix


Shows you can set a nodelay to eliminate the delay. You can also set applications specific delays in pam_faildelay

man pam_faildelay


These settings are all managed in

/etc/pam.d/*