Hi!
I’m using i3 and i3lock-color
from the AUR as the session locker (it is a fork of i3lock
).
My problem is that there is a 30 second delay for the next try if I enter a wrong password. I know this is a security feature but for me 3 seconds would be enough.
I often type my password wrongly because I switch keyboards from the laptop without a numpad to an actual keyboard with a numpad. The laptop keyboard thinks it should then enable the numpad and remaps the keys => wrong password.
Waiting for 30 seconds for the next try is really stupid, especially with my sausage fingers complicated password that I sometimes mistype.
Which option can I set to remove this delay to the default (?) 3 seconds?
The file /etc/security/faillock
does not contain a delay option, I’ve only changed the deny = 5
(from = 3
) because it would lock me for 15 minutes after 3 attempts.
In the /etc/pam.d
directory, there is nothing about delay
and I’m very careful with changing these files.
Especially, there is nothing loading the pam_faildelay
.
When logging in from a TTY, the fail delay is around 5 seconds that I counted it my head (it might be 3, I’m not sure).
I looked around and found this on unix.stackexchange about changing the file /etc/pam.d/system-auth
:
auth [success=1 default=bad] pam_unix.so try_first_pass nullok
to:
auth [success=1 default=bad] pam_unix.so try_first_pass nodelay nullok
However, I don’t think this is the solution because the man pam_unix
page tells me that the default delay is 2 seconds, not 30.
nodelay
This argument can be used to discourage the authentication component from requesting a delay should the authentication as a
whole fail. The default action is for the module to request a delay-on-failure of the order of two second.