Read password

[gwenn]

Disable echo...

[gwenn]

antirez/linenoise#125

Reading passwords securely requires more than that. Usually you want to ensure no one else is reading the input and that you are really connected to a terminal etc.

[madprops]

I'm looking for this. It doesn't even have to be incredibly secure, just hiding the visible input would be enough for lots of cases.

[gwenn]

@madprops You can try something like this:

• Disable auto_add_history so that password does not appear in your history file.
• Define a Highlighter such as highlight returns '*' x width(line) because rustyline expects the highlighted line to have the same width as the raw line and highlight_char returns true.
• And force highlighting: color_mode.

[madprops]

Hmm not sure how to do this. It seems to define a highlighter I need to provide a helper, and to do that I need to implement all the helper stuff, not just the highlight? Can't find an easier way. Also in my case I think I don't need to bother about the history bit, since I'm not using history features in my inputs.

[gwenn]

@madprops I know, this is just a hack.
I will try to provide you a complete example.

[gwenn]

See #266

[gwenn]

antirez/linenoise#182

[bjorn3]

Using a * per input character rather than nothing is less secure as it leaks the length of the password.

[xeruf]

but sometimes feedback is nice, and it could also be a key of a specific length that is read where the length is known, not just passwords

anyways, with the linenoise update can this be revisited?