Let Sudo Insult You When You Enter Incorrect Password

Sudoers is the default sudo security policy plugin in Linux, however, experienced system administrators can specify a custom security policy as well as input and output logging plugins. It is driven by the /etc/sudoers file or alternatively in LDAP.

You can define sudoers insults option or several others in the file above. It is set under defaults entries section. Read through our last article that explains 10 Useful Sudoers Configurations for Setting ‘sudo’ in Linux.

In this article, we will explain a sudoers configuration parameter to enable an individual or system administrator set sudo command to insult system users who enter wrong password.

Start by opening the file /etc/sudoers like so:

$ sudo visudo

Go to the defaults section and add the following line:

Defaults   insults

Below is a sample of /etc/sudoers file on my system showing defaults entries.

Set sudo Insults Parameter

Set sudo Insults Parameter

From the screenshot above, you can see that there are many other defaults defined such as send mail to root when each time a user enters a bad password, set a secure path, configure a custom sudo log file and more.

Save the file and close it.

Run a command with sudo and enter the wrong password, then observe how insults option works:

$ sudo visudo
sudo Insult in Action

sudo Insult in Action

Note: When you configure the insults parameter, it disables the badpass_message parameter which prints a specific message on the command line (the default message is “sorry, try again”) in case a user enters a wrong password.

To modify the message, add the badpass_message parameter to the /etc/sudoers file as shown below.

Defaults  badpass_message="Password is wrong, please try again"  #try to set a message of your own
Set sudo badpassword Message

Set sudo badpassword Message

Save the file and close it, then invoke sudo and see how it works, the message you set as the value of badpass_message will be printed every time you or any system user types a wrong password.

$ sudo visudo
Sudo badpassword Message

Sudo badpassword Message

That’s all, in this article we reviewed how to set sudo to print insults when users type a wrong password. Do share your thoughts via the comment section below.

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

Support Us

We are thankful for your never ending support.

Aaron Kili

Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide
The Complete Linux System Administrator Bundle
Become an Ethical Hacker Bonus Bundle

You may also like...

9 Responses

  1. dragonmouth says:

    We streamline processes, we install faster CPUs and GPUs, just to make our PCs run microseconds faster. But then we engage in such juvenile stunts like displaying insults instead of a plain Bad Password message.

  2. dreis911 says:

    Yeah! It’s not useful but it’s funny. Specially if you have a PC/System with more than 1 user.

    BTW, the 5th attempt has a different comment. Does it repeat this kind of comment every 5 wrong attempts?

    How many can a user fail? Is it indefinite?
    (sorry for the newbie questions)

    • Aaron Kili says:


      The last attempt does not show an insult. Again, yes, it repeats the comment and specifies the number of attempts. And you can configure the number of password tries using the passwd_tries parameter as below:

      Defaults passwd_tries=5(specify the number of tries you want)

  3. Pittor says:

    I am gonna have a lot of fun with that! Thank you very much!

  4. Stephen says:

    Regrettably, Red Hat and CentOS configure the sudo binary such that it does not support insults.

  5. Jonathan says:

    That’s fun ! Thanks for this tips !

Leave a Reply to dragonmouth Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.