From c62804df46e90628eb4fa55f465ae4d6467e87d0 Mon Sep 17 00:00:00 2001
From: brapru <brapru@pm.me>
Date: Mon, 24 May 2021 16:41:36 -0400
Subject: [PATCH] passwd: Do not allow empty passwords

The user should use the delete flag when wanting to issue an empty
password. passwd should return an error after receiving empty input.
---
 Userland/Utilities/passwd.cpp | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/Userland/Utilities/passwd.cpp b/Userland/Utilities/passwd.cpp
index bf05220a7f..047d009021 100644
--- a/Userland/Utilities/passwd.cpp
+++ b/Userland/Utilities/passwd.cpp
@@ -110,6 +110,12 @@ int main(int argc, char** argv)
             return 1;
         }
 
+        if (new_password.value().is_empty() && new_password_retype.value().is_empty()) {
+            warnln("No password supplied.");
+            warnln("Password for user {} unchanged.", target_account.username());
+            return 1;
+        }
+
         if (new_password.value() != new_password_retype.value()) {
             warnln("Sorry, passwords don't match.");
             warnln("Password for user {} unchanged.", target_account.username());