> Thus, the shadow file locks things up a bit more, brings some more
> complexity, but this doesn't mean /etc/passwd is insecure.
> If you use strong passwords, you don't need the shadow-file. If you
> have a weak password, the shadow-file on the other hand just delays the
> eventual breach.

The problem arises when you have a system with hundreds of users. You have to ensure that all the users have a strong password (some of them without any basic knowledge about computers or security), so the only way is modifying the passwd program to force secure passwords, so in the end you add complexity in another part of the system.

--
Roberto E. Vargas Caballero
