There's an example of this in in crypt). First, you put the terminal into ``no echo'' mode, then just read the password normally. You may do this with an old-style ioctl function,
POSIX terminal control (see
the POSIX manpage, and Chapter 7 of the Camel), or a call to the stty program, with varying degrees of portability.
You can also do this for most systems using the Term::ReadKey module from CPAN, which is easier to use and in theory more portable.