Linux keep user account information in a text file called /etc/passwd. This file also store one way encrypted password. This file is accessed by several tools to get user information, so file need to world readable. This is a security risk. To minimize the security risk you can use shadow password format. This method save account information in regular file /etc/passwd. However, the password is stored as a single "x" character (not actually stored in this file). A second file, called "/etc/shadow", contains encrypted password as well as other information such as account or password expiration values, etc. The /etc/shadow file is readable only by the root account and is therefore less of a security risk
