Linux: How is the password stored, salted and hashed securely?

In earlier systems, passwords were stored in the file /etc/passwd and they were not encrypted.

After the user is created, an entry is recorded in /etc/passwd with ‘x’ in the second column instead of the actual password.

$ useradd timmy

$ cat /etc/passwd

For security reasons, passwords are now stored in the file /etc/shadow and they are encrypted. No password is set when the user is first created. This is indicated by the !! mark in the second column (!! on RedHat, ! on Debian).

$ cat /etc/shadow


To set the password, run the passwd command:
$ passwd timmy

We set the password for this user to ‘jimmy’ and then check the shadow file:

$ cat /etc/shadow

The value stored in the second column is not a straight hash of the string “jimmy”.

It is in fact the salted MD5 hash of the string. The salt is generated by the system when the password is stored in the shadow file.

To understand the structure of the password string, we can break it into four parts:

$1$ – indicates that MD5 algorithm is used

KaO8EWvi – salt generated by system

$ – separation character between salt and hash

WGT82UrL6aPgzf66u35D00 – hash of salted password
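
The four-part layout above can be checked mechanically. The following is an added example, not code from the original post: it splits the second column of shadow-style lines into scheme, salt and hash, recognises the unset (!!, !) marker described earlier, and flags MD5 entries as weak. The function names, the scheme table (taken from crypt(5)) and the sample lines are assumptions; the timmy entry is assembled from the four parts listed above and every other value is constructed.

```python
# Added example; scheme ids follow crypt(5), sample lines are constructed.
SCHEMES = {"1": "MD5", "5": "SHA-256", "6": "SHA-512",
           "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt", "y": "yescrypt"}
SALT_HASH_LAYOUT = {"MD5", "SHA-256", "SHA-512"}   # $id$[rounds=N$]salt$hash
WEAK = {"MD5", "DES"}

def parse_field(field):
    """Split the second column of a shadow entry into its parts."""
    info = {"state": "set", "scheme": None, "rounds": None,
            "salt": None, "hash": None}
    if field == "":
        info["state"] = "empty"          # no password required at all
        return info
    if field[0] in "!*":
        field = field.lstrip("!*")
        if not field:                    # "!!", "!" or "*": no hash stored
            info["state"] = "no-password"
            return info
        info["state"] = "locked"         # hash kept but prefixed with "!"
    if not field.startswith("$"):
        info["scheme"], info["hash"] = "DES", field   # assumed legacy crypt
        return info
    parts = field.split("$")             # ['', id, (rounds=N), salt, hash]
    info["scheme"] = SCHEMES.get(parts[1], "unknown")
    if info["scheme"] in SALT_HASH_LAYOUT:
        if len(parts) == 5 and parts[2].startswith("rounds="):
            info["rounds"] = int(parts.pop(2)[7:])
        if len(parts) != 4:
            raise ValueError("malformed hash field")
        info["salt"], info["hash"] = parts[2], parts[3]
    return info

def audit(shadow_text):
    """Return {user: (state, scheme, is_weak)} for each shadow line."""
    report = {}
    for line in shadow_text.splitlines():
        if not line.strip():
            continue
        user, field = line.split(":")[:2]
        info = parse_field(field)
        report[user] = (info["state"], info["scheme"], info["scheme"] in WEAK)
    return report

SAMPLE = """\
timmy:$1$KaO8EWvi$WGT82UrL6aPgzf66u35D00:19000:0:99999:7:::
newuser:!!:19000:0:99999:7:::
alice:$6$rounds=10000$c0nstructedSalt$constructedHashValue:19000:0:99999:7:::
bob:!$1$KaO8EWvi$WGT82UrL6aPgzf66u35D00:19000:0:99999:7:::
"""
```

Calling audit(SAMPLE) reports timmy and bob as MD5 (weak), newuser as having no password set, and alice as SHA-512.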

To learn more about password authentication in Linux, check the PAM manual:
$ man pam_unix



Written by kurinchilamp
