2.10 Ensure Secure Keyboard Entry terminal.app is Enabled

Information

Secure Keyboard Entry prevents other applications on the system and/or network from detecting and recording what is typed into Terminal.

Rationale:

Enabling Secure Keyboard Entry minimizes the risk of a key logger from detecting what is entered in Terminal.

Solution

Perform the following to enable secure keyboard entries in Terminal:
Graphical Method:

Open Terminal

Select Terminal

Select Secure Keyboard Entry

Terminal Method:

$ sudo -u <username> /usr/bin/defaults write -app Terminal SecureKeyboardEntry -bool true

example:

$ sudo -u firstuser /usr/bin/defaults write -app Terminal SecureKeyboardEntry -bool true

Profile Method:

Create or edit a configuration profile with the PayLoadType of com.apple.Terminal

Add the key SecureKeyboardEntry

Set the key to <true/>

See Also

https://workbench.cisecurity.org/files/3573