Go to the first, previous, next, last section, table of contents.


Reading Passwords

When reading in a password, it is desirable to avoid displaying it on the screen, to help keep it secret. The following function handles this in a convenient way.

Function: char * getpass (const char *prompt)

getpass outputs prompt, then reads a string in from the terminal without echoing it. It tries to connect to the real terminal, `/dev/tty', if possible, to encourage users not to put plaintext passwords in files; otherwise, it uses stdin and stderr. getpass also disables the INTR, QUIT, and SUSP characters on the terminal using the ISIG terminal attribute (see section Local Modes). The terminal is flushed before and after getpass, so that characters of a mistyped password are not accidentally visible.

In other C libraries, getpass may only return the first PASS_MAX bytes of a password. The GNU C library has no limit, so PASS_MAX is undefined.

The prototype for this function is in `unistd.h'. PASS_MAX would be defined in `limits.h'.

This precise set of operations may not suit all possible situations. In this case, it is recommended that users write their own getpass substitute. For instance, a very simple substitute is as follows:

#include <termios.h>
#include <stdio.h>

ssize_t
my_getpass (char **lineptr, size_t *n, FILE *stream)
{
  struct termios old, new;
  int nread;

  /* Turn echoing off and fail if we can't. */
  if (tcgetattr (fileno (stream), &old) != 0)
    return -1;
  new = old;
  new.c_lflag &= ~ECHO;
  if (tcsetattr (fileno (stream), TCSAFLUSH, &new) != 0)
    return -1;
  
  /* Read the password. */
  nread = getline (lineptr, n, stream);

  /* Restore terminal. */
  (void) tcsetattr (fileno (stream), TCSAFLUSH, &old);
  
  return nread;
}

The substitute takes the same parameters as getline (see section Line-Oriented Input); the user must print any prompt desired.


Go to the first, previous, next, last section, table of contents.