[sudo-workers] Better default for badpass_message

Todd C. Miller Todd.Miller at sudo.ws
Tue Dec 21 12:57:32 MST 2021

On Tue, 21 Dec 2021 18:34:16 +0100, Andrea Monaco wrote:

> I see that the default response after a wrong password is "Sorry, try
> again.".  But that seems a bit generic to me: it doesn't convey the most
> important information, which is that the user inserted a wrong password.
> In principle, there could be other reasons for requesting the user to
> try again (though none very likely, admittedly).
> I propose "Wrong password, please try again" as a new default, which is
> also more polite.

My concern with changing this is that there are sudo wrappers out
there that expect the current "Sorry, try again" response.
Changing the message may break them.

 - todd

More information about the sudo-workers mailing list