Hacker News

zenethian, today at 7:32 AM, 4 replies

You got some sources or did you just make that up?

Because to hell with UX when it comes to security. Knowing the exact length of a password absolutely makes it significantly less secure, and knowing the timing of the keystrokes doubly so.


Replies

hrmtst93837, today at 9:02 PM

This is security theater. Masking sudo input does nothing against keyloggers, shoulder-surfing, or anyone reading your terminal, and pretending password length is the deciding leak ignores the much larger attack surface around a compromised box. If password length is where your threat model gets scary you've already lost.

9dev, today at 7:39 AM

Yet somehow, none of the other high-security tools I have ever interacted with seem to do this for some reason. No auditor flags it. No security standard recommends hiding it.

But sudo is the one bastion where it is absolutely essential not to offer hiding keystrokes as an obscure config option, but to enable it for everyone and their mother?

baq, today at 9:37 AM

> Because to hell with UX when it comes to security.

I don’t think you have any idea how wrong you are.

plorkyeran, today at 3:07 PM

Bad security UX that results in users bypassing security mechanisms entirely is probably the single biggest source of real-world security problems.