alt Hacker NewsYes… We're in the same room as the target… Let's look at their screen and see how long their password is.
Or, we could just look at the keyboard as they type and gain a lot more information.
In an absolute sense not showing anything is safer. But it never really matters and just acts as a paper cut for all.
Replies
"Let's look at their screen and see how long their password is." This article is about silent sudo.
Have you ever watched a fast touch typist, someone that does over 100 words per minute? Someone who might be using an keyboard layout that you're not familiar with? When the full password is entered in less than a second it can be very difficult to discern what they typed unless you're actually recording with video.
But sure, if you're watching someone who types with one finger. Yes, I can see that.
And just sticking to counting, a not exceptionally well-trained ear could already count how many letters you typed and if you pressed backspace (at least with the double-width backspace, sound is definitely different)