In linux journal they have two echo commands
I know what these numbers are, but I am not telling you, because I am hungry (kidding), try to find out yourself. What it does it creates the user with username eviluser with uid and gid set to 0, and there's no encrypted password which goes to /etc/shadow, so if it's done as root, now any user can gain root access just typing
/bin/su - eviluser
Good luck on this one, so as for encryption I think pam utils package is the solution, so keep on reading man pages and you'll get your launch.