Ubuntu – Why is there a delay when entering a wrong password


When entering the right password the application or the OS (no specific application, pretty much everywhere) accepts this immediately, but when entering a wrong password there is a slight delay of 1-2 seconds. Why is that?

Best Answer

The delay is to slow down cracking attempts made by automated software. Without a delay cracking attempts would run much faster.

Documentation: See man pam_fail_delay


   It is often possible to attack an authentication scheme by exploiting
   the time it takes the scheme to deny access to an applicant user. In
   cases of short timeouts, it may prove possible to attempt a brute force
   dictionary attack -- with an automated process, the attacker tries all
   possible passwords to gain access to the system. In other cases, where
   individual failures can take measurable amounts of time (indicating the
   nature of the failure), an attacker can obtain useful information about
   the authentication process. These latter attacks make use of procedural
   delays that constitute a covert channel of useful information.

   To minimize the effectiveness of such attacks, it is desirable to
   introduce a random delay in a failed authentication process. Preferable
   this value should be set by the application or a special PAM module.
   Standard PAM modules should not modify the delay unconditional.
Related Question