“Why shadow passwords? Simply put, the shadow password
scheme addresses the major shortcoming of the original Unix
password-handling scheme, the fact that the password list was
stored as a world-readable file.“
“The encoding mechanism for Unix passwords was (and is) very
secure, being a one-way algorithm and therefore easy to apply but
impossible to reverse. However, the password file itself is
vulnerable to a cracking technique known as a dictionary attack, in
which all the words from a large dictionary file are encoded and
compared with the encoded password (readable by any user, remember)
in /etc/passwd. This dictionary file is usually based on a normal
English-language dictionary, with the addition of slang and weak
passwords like “gandalf,” “xyzzy,” “qwerty,” or even (God help us)
“password.” If the two match, then the original unencoded word is
the password.”
“This may sound simple, but it takes a while to run the tens, or
hundreds, of thousands of dictionary entries against a single
password. Still, it is not extremely difficult with today’s
high-performance computing systems. Shadow passwords retain the
Unix password mechanism and its backward compatibility with the
huge Unix application base, while preventing the dictionary
attack.”