Linux passwords are not stored in plain text, but in a scrambled form known as a hash. A hash is the output of a one-way function that transforms a string of characters into a fixed-length value. The same input always produces the same hash, but it is not feasible to reverse the process and recover the original input from the hash. This way, the system can verify the user’s password without exposing it to anyone who can read the file where the hashes are stored. The file that contains the password hashes is /etc/shadow, which is only readable by the root user or members of the shadow group. The passwd utility is used to change the user’s password, which updates the hash in the /etc/shadow file.

References: Linux Essentials 1.6 Topic 105: Security and File Permissions; How to Change Account Passwords on Linux; Where is my password stored on Linux?
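To make the /etc/shadow layout described above concrete, here is an added Python example (not part of the original explanation) that reads entries in that format and reports accounts with an empty password field or a weak hash scheme. The sample entries are constructed, the names `classify` and `audit` are hypothetical, and the scheme prefixes are assumed to follow crypt(5).

```python
# Constructed sample in /etc/shadow layout; accounts, salts and hashes are made up.
SAMPLE_SHADOW = """\
root:$6$c0nstructedsalt$Zm9vYmFyYmF6cXV4:19700:0:99999:7:::
alice:$y$j9T$c0nstructedsalt$Zm9vYmFyYmF6cXV4:19710:0:99999:7:::
legacy:$1$c0nstruc$Zm9vYmFyYmF6cXV4:15000:0:99999:7:::
daemon:*:19000:0:99999:7:::
bob:!$6$c0nstructedsalt$Zm9vYmFyYmF6cXV4:19720:0:99999:7:::
guest::19730:0:99999:7:::
"""

# Scheme identifiers per crypt(5): the text between the first two '$' characters.
SCHEMES = {"1": "md5crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "5": "sha256crypt", "6": "sha512crypt", "7": "scrypt", "y": "yescrypt"}
WEAK = {"md5crypt", "descrypt"}  # fast legacy schemes that resist guessing poorly

def classify(field):
    """Return (status, scheme) for the password field of one shadow entry."""
    if field == "":
        return "empty", None              # no password is needed for this account
    locked = field[0] in "!*"             # a leading '!' or '*' can never match a hash
    body = field.lstrip("!*")
    if not body:
        return "locked", None
    if body.startswith("$"):
        scheme = SCHEMES.get(body.split("$")[1], "unknown")
    elif len(body) == 13:
        scheme = "descrypt"               # traditional DES crypt has no '$' prefix
    else:
        scheme = "unknown"
    return ("locked" if locked else "active"), scheme

def audit(text):
    """Return (account, finding) pairs for entries a defender should review."""
    findings = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) != 9:              # shadow(5) defines nine colon-separated fields
            findings.append((fields[0], "malformed entry"))
            continue
        status, scheme = classify(fields[1])
        if status == "empty":
            findings.append((fields[0], "empty password field"))
        elif scheme in WEAK:
            findings.append((fields[0], "weak scheme: " + scheme))
    return findings
```

Calling `audit(SAMPLE_SHADOW)` flags the `legacy` and `guest` entries; reading the real /etc/shadow instead requires root or shadow-group access, as the explanation notes.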