in reply to Re: Reading streams, perl variables when script is running
in thread Reading streams, perl variables when script is running

Thanks for the informative responses, guys. You're the best!

Would it be a pretty accurate summary to say: keeping the decryption password in memory would work, as long as no one managed to gain root access?

Small follow-up question: If I wanted to avoid using Term::ReadKey, would the following code work for reading the password? Is Term::ReadKey in any way more secure? (I prefer to avoid installing additional modules where I can for the sake of portability, unless I absolutely need them.)

print "Password: ";
system('stty','-echo');
my $pw=<STDIN>;
system('stty','echo');
chomp($pw);

Re^3: Reading streams, perl variables when script is running
by kcott (Archbishop) on Jan 05, 2014 at 06:03 UTC
    "Small follow-up question: If I wanted to avoid using Term::ReadKey, would the following code work for reading the password? Is Term::ReadKey in any way more secure? (I prefer to avoid installing additional modules where I can for the sake of portability, unless I absolutely need them.) ... stty code ..."

    This rather indicates that you didn't bother to read the "How do I ask the user for a password?" link which I provided: it discusses both stty and portability issues.

    The security aspect here involves hiding the password being typed from prying eyes. That's an absolute (either it's hidden or visible) — there's no sliding scale of effective camouflaging or obfuscation. Perhaps you had something else in mind with respect to Term::ReadKey's security.

    Many modules are written with the express purpose of improving portability: Term::ReadKey is one of these; File::Spec is another example. You'll also find lots of modules are written to be portable even if that's not their primary function. There may be many reasons why you choose not to install any particular module; however, you should reject the notion of using portability as a reason for not installing modules in general.

    -- Ken

      I did read the link, I promise! But it seems my brain was elsewhere when I did so because on re-reading it, I see that you're right: it answers that question exhaustively. Sorry about that.
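
An added example, not code from any poster in this thread: a no-echo prompt that needs no extra modules and no external `stty` process, using `POSIX::Termios` from the core `POSIX` module. Unlike the `stty` snippet in the question, it puts back the terminal's previous flags, including on Ctrl-C or SIGTERM, so an interrupted prompt does not leave the terminal with echo off. It assumes a POSIX terminal (not native Windows); `read_password` is a hypothetical helper name.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use POSIX qw(:termios_h);    # ECHO, TCSANOW and POSIX::Termios (core module)

# Hypothetical helper: prompt on STDOUT, read one line from STDIN with echo off.
sub read_password {
    my ($prompt) = @_;

    # With piped or redirected input there is no terminal echo to disable.
    die "STDIN is not a terminal\n" unless -t STDIN;

    my $fd   = fileno(STDIN);
    my $term = POSIX::Termios->new;
    defined $term->getattr($fd) or die "tcgetattr failed: $!\n";
    my $saved = $term->getlflag;    # remember the original local-mode flags

    # Put back exactly what was there instead of forcing echo on.
    my $restore = sub {
        $term->setlflag($saved);
        $term->setattr($fd, TCSANOW);
    };

    # If the prompt is interrupted, restore the terminal before exiting.
    local $SIG{INT}  = sub { $restore->(); print STDERR "\n"; exit 130 };
    local $SIG{TERM} = sub { $restore->(); print STDERR "\n"; exit 143 };

    local $| = 1;                   # flush the prompt before blocking on input
    print $prompt;
    $term->setlflag($saved & ~ECHO);
    defined $term->setattr($fd, TCSANOW) or die "tcsetattr failed: $!\n";

    my $pw = <STDIN>;
    $restore->();
    print "\n";                     # the user's Enter was not echoed

    die "No input (EOF)\n" unless defined $pw;
    chomp $pw;
    return $pw;
}

# Demo when run as a script: report only the length, never the secret itself.
unless (caller) {
    my $pw = read_password('Password: ');
    printf "Read %d characters\n", length $pw;
}
```

This only hides the typed characters from onlookers; the password still sits in the process's memory afterwards, which is the separate concern raised earlier in the thread.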