Shadow Password Files
Shadow Password Files definition
Shadow password files are a way of improving system security by securing user passwords. In some computer systems, like ones that use Linux, there’s a list (a file) where all the usernames and scrambled passwords used to be kept. The problem was that this list could be read by anyone using the system, so it wasn’t very safe.
To make it safer, a special hidden vault (the shadow password file) was created to store the scrambled passwords. Only the computer’s root user (the system’s admin) can open this vault.
So, when you type in your password, the system checks it with the one in the vault. If they match, you’re in! This way, the passwords are kept much safer.
How shadow password files work:
- When you create a password, the system scrambles it up (this is called hashing) using a special process. It then stores this hashed password in a secure vault (the shadow password file).
- The shadow password file is very secure. Only the top admin of the system (also known as the ‘root’ user or ‘superuser’) can see what’s inside.
- When you want to log in, you type in your password. The system hashes the password you entered in exactly the same way it did when you first created it.
- The system then checks this hash against the hash it has in the shadow password file.
- If the two hashes match, the system knows you entered the correct password, and lets you in. If they don’t match, you’re not allowed in.
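The steps above, as an added example that is not part of the original page: it builds a constructed shadow-style file and checks a login attempt against it. PBKDF2-SHA256 stands in for the system's real crypt(3) hashing scheme, and the names `make_entry`, `verify` and `SHADOW` are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Stand-in scheme for this example; real systems use a crypt(3) scheme instead.
SCHEME = "pbkdf2-sha256"
ROUNDS = 100_000

def make_entry(user, password):
    """Hash a new password with a random salt and return one shadow-style line."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)
    field = "$".join(["", SCHEME, str(ROUNDS), salt.hex(), digest.hex()])
    # Nine colon-separated fields; the ageing fields are left empty here.
    return f"{user}:{field}:::::::"

def verify(shadow_text, user, attempt):
    """Re-hash the attempt with the stored salt and rounds, then compare."""
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) != 9 or fields[0] != user:
            continue
        parts = fields[1].split("$")
        # "*" or "!" in the password field means no password can ever match.
        if len(parts) != 5 or parts[1] != SCHEME:
            return False
        try:
            rounds = int(parts[2])
            salt = bytes.fromhex(parts[3])
            stored = bytes.fromhex(parts[4])
        except ValueError:
            return False  # malformed entry: refuse the login
        candidate = hashlib.pbkdf2_hmac("sha256", attempt.encode(), salt, rounds)
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(candidate, stored)
    return False  # unknown user

# Constructed sample file: one real account and one locked system account.
SHADOW = "\n".join([make_entry("alice", "correct horse"), "daemon:*:::::::"])

if __name__ == "__main__":
    print(SHADOW)
    print("right password:", verify(SHADOW, "alice", "correct horse"))
    print("wrong password:", verify(SHADOW, "alice", "guess"))
```

The stored line never contains the password itself, only the salt and the hash, which is why the file still has to be readable by root alone: anyone who can read it can test guesses offline.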