shadow(F) 19 June 1992 shadow(F) Name shadow - shadow password file Description /etc/shadow is an access-restricted ASCII system file. The fields for each user entry are separated by colons. Each user entry is separated from the next by a newline. Unlike the /etc/passwd file, /etc/shadow is not generally readable. The /etc/shadow file contains the following information for each user: username The user's login name (ID). password The encrypted password for the user, prefixed with the string *LK* when the account is locked, the string *RETIRED* when the account has been retired, or no string when the account does not have a password. lastchanged The number of days between January 1, 1970, and the date that the password was last modified. minimum The minimum number of days required between password changes. maximum The maximum number of days for which the password is valid. The encrypted password consists of characters chosen from a 64-character alphabet ( ., /, 0-9, A-Z, a-z). An encrypted password may be up to 112 characters long, the length being controlled by the length of cleartext password field on the Accounts -> Default -> System selection. Every 8 characters of cleartext uses 11 characters of encrypted text. Encrypted passwords are always prefixed by a 2 character salt. The minimum length of an encrypted password is 13 characters. Files /etc/passwd /tcb/files/auth/*/? See also passwd(F) passwd(C) login(M) sysadmsh(ADM) rmuser(ADM) unretire(ADM) getprpwent(S)