# Passwords mistakes in CLI.



## Dendros (Aug 14, 2021)

I'm used to boot FreeBSD in CLI mode then start the GUI with the `startx` command and it works quite well. But there is this: sometimes it happens that I forget to enter my username at login prompt and type my user password instead. And when I wanted to switch to root, instead of typing the *su* command, I accidentally entered root's password in clear text on console.

I'm sure that these accidents are huge security risks if the system keeps records of them in its logs, that can potentially be read. 

I know that the real solution is to be more careful when typing but sometimes this simply just happens. 

The question is: should I use a graphical login manager with autologin to avoid this problem? And when switching to root, I probably should do that in a terminal emulator or use sudo or doas. 

Thoughts?


----------



## SirDice (Aug 14, 2021)

Dendros said:


> And when I wanted to switch to root, instead of typing the *su* command, I accidentally entered root's password in clear text on console.


This is not a big problem but depends on the shell you're using. That password may have been recorded in the shell's history. With sh(1) this isn't a big problem, the shell's history isn't persistent. Just logoff and the history is gone. 

With tcsh(1) you can use this little trick:

 Save the history: `history -S`
 edit ~/.history with an editor, remove all the occurrences of the password. Also remove the line above it, which looks like `#+<long number>`, that's the timestamp of the 'command'.
 Load the edited history: `history -L`
For bash(1) you can simply edit ~/.bash_history.


----------



## Dendros (Aug 14, 2021)

Thanks. I use the default *sh* shell for my user and the default shell for root.


----------



## Geezer (Aug 14, 2021)

Is it just you using this machine, or are there other users?


----------



## Dendros (Aug 14, 2021)

I'm the sole user of my machine but it's connected to Internet, that's why I was worried.


----------



## Geezer (Aug 14, 2021)

Well I would not worry.  The router that your ISP provided will stop inbound connections. You can always put a firewall on as well.


----------



## Deleted member 30996 (Aug 15, 2021)

I've done it before. It helps keep you from doing it again.


----------

