6.5. Shadow Passwords

In multiuser environments it is very important to use shadow passwords (provided by the shadow-utils package). Doing so enhances the security of system authentication files. For this reason, the installation program enables shadow passwords by default.

The following is a list of advantages shadow passwords have over the traditional way of storing passwords on UNIX-based systems.

Most utilities provided by the shadow-utils package work properly whether or not shadow passwords are enabled. However, since password aging information is stored exclusively in the /etc/shadow file, any commands which create or modify password aging information do not work.

Below is a list of commands which do not work without first enabling shadow passwords: