This blog is all about Cyber Security and IT

Monday, March 18, 2019

Do you know where the passwords are stored in linux?

Two important files in the Linux system are responsible for storing user credentials:


Is a text file that stores all the account information (except the password) required for user login.

The following sample entry from an /etc/passwd file will help clarify its components:

1. User Name: This is the username used to log in.

2. Password: The X character implies that encrypted password for this user is stored in the /etc/shadow file.

3. User ID (UID): Each user on the system has a unique ID. UID 0 (zero) is reserved for the root user.

4. Group ID (GID): This is the group ID of the group to which the user belongs.

5. User ID Info: This comment field can store additional information about the user, including email, telephone number, and so on.

6. Home Directory: This is the default directory that will be available for the user after login. All the user-specific documents and settings are stored in the respective home directory.

7. Command/Shell Path: This is the path to the command prompt, or shell .


Is a text file that stores actual passwords in hashed format. It also stores parameters related to the password policy that has been applied for the user. Following is an example entry from the /etc/shadow file:

1. Username: This is the username to which the password belongs.

2. Password: This is the password stored in hashed format.

3. Last password change: This field indicates the number of days since the last password change.

4. Minimum Age: This denotes the number of days remaining before the user can change his or her password.

5. Maximum Age: This denotes the maximum number of days after which the user must change his or her password.

6. Expiry Warning: This denotes the number of days before which the user must be warned about the password expiring.

7. Inactive: This is the duration in days after password expiry that the account will be disabled.


Post a Comment