One year ago I tried to adjust the delay that I have to wait if I introduce a bad password when executing "sudo echo 1".
Usually you have to wait 2 seconds for being able to introduce the password again and this is too much for me. You can configure the PAM and set a parameter that is called NODELAY, that means exactly that: you wont have to wait any delay if you make a typo while writing your password. The problem? That if you are trying to make login thru SSH this rule applies too, and it allows brute force attacks or maybe DoS doing huge SSH login atempts.
Finally I've found how to configure this option! You have to edit the file /etc/pam.d/common-auth that look like this (comments have been removed):
auth [success=1 default=ignore] pam_unix.so nullok_secure auth requisite pam_deny.so auth required pam_permit.so auth optional pam_cap.so
And it have to end up looking like that. The order of the lines is important! Notice that in the second line we have added a new parameter nodelay.
auth optional pam_faildelay.so delay=250000 auth [success=1 default=ignore] pam_unix.so nullok_secure nodelay auth requisite pam_deny.so auth required pam_permit.so auth optional pam_cap.so
In the line "auth optional pam_faildelay.so delay=250000" we are defining the time we will wait in microseconds. So 250000 are 250 milliseconds or 0.25 seconds.
And this is it!