Function: read-passwd

read-passwd is an autoloaded and byte-compiled function defined in auth-source.el.gz.

Signature

(read-passwd PROMPT &optional CONFIRM DEFAULT)

Documentation

Read a password, prompting with PROMPT, and return password as a string.

If optional CONFIRM is non-nil, read the password twice to make sure. Optional DEFAULT is a default password to use instead of empty input.

This function echoes * for each character that the user types. You could let-bind read-hide-char to another hiding character, though.

Once the caller uses the password, it can erase the password by doing (clear-string STRING).

View in manual

Probably introduced at or before Emacs version 20.3.

Source Code

;; Defined in /usr/src/emacs/lisp/auth-source.el.gz
;;;###autoload
(defun read-passwd (prompt &optional confirm default)
  "Read a password, prompting with PROMPT, and return password as a string.
If optional CONFIRM is non-nil, read the password twice to make sure.
Optional DEFAULT is a default password to use instead of empty input.

This function echoes `*' for each character that the user types.
You could let-bind `read-hide-char' to another hiding character, though.

Once the caller uses the password, it can erase the password
by doing (clear-string STRING)."
  (if confirm
      (let (success)
        (while (not success)
          (let ((first (read-passwd prompt nil default))
                (second (read-passwd "Confirm password: " nil default)))
            (if (equal first second)
                (progn
                  (and (arrayp second) (not (eq first second))
                       (clear-string second))
                  (setq success first))
              (and (arrayp first) (clear-string first))
              (and (arrayp second) (clear-string second))
              (message "Password not repeated accurately; please start over")
              (sit-for 1))))
        success)
    (let (minibuf)
      (minibuffer-with-setup-hook
          (lambda ()
            (setq minibuf (current-buffer))
            ;; Turn off electricity.
            (setq-local post-self-insert-hook nil)
            (setq-local buffer-undo-list t)
            (setq-local select-active-regions nil)
            (use-local-map read-passwd-map)
            (setq-local inhibit-modification-hooks nil) ;bug#15501.
	    (setq-local show-paren-mode nil)		;bug#16091.
            (setq-local inhibit--record-char t)
            (read-passwd-mode 1)
            (add-hook 'post-command-hook #'read-passwd--hide-password nil t))
        (unwind-protect
            (let ((enable-recursive-minibuffers t)
		  (read-hide-char (or read-hide-char ?*))
                  (overriding-text-conversion-style 'password))
              (read-string prompt nil t default)) ; t = "no history"
          (when (buffer-live-p minibuf)
            (with-current-buffer minibuf
              (read-passwd-mode -1)
              ;; Not sure why but it seems that there might be cases where the
              ;; minibuffer is not always properly reset later on, so undo
              ;; whatever we've done here (bug#11392).
              (remove-hook 'post-command-hook
                           #'read-passwd--hide-password 'local)
              (kill-local-variable 'post-self-insert-hook)
              ;; And of course, don't keep the sensitive data around.
              (erase-buffer)
              ;; Then restore the previous text conversion style.
              (when (fboundp 'set-text-conversion-style)
                (set-text-conversion-style text-conversion-style)))))))))