The fields in /etc/shadow:
* Username — The name the user types when logging into the system. This allows the login application to retrieve the user's password (and related information).
* Encrypted password — The 13 to 24 character password. The password is encrypted using either the crypt(3) library function or the md5 hash algorithm. In this field, values other than a validly-formatted encrypted or hashed password are used to control user logins and to show the password status. For example, if the value is ! or *, the account is locked and the user is not allowed to log in. If the value is !! a password has never been set before (and the user, not having set a password, will not be able to log in).
* Date password last changed — The number of days since January 1, 1970 (also called the epoch) that the password was last changed. This information is used in conjunction with the password aging fields that follow.
* Number of days before password can be changed — The minimum number of days that must pass before the password can be changed.
* Number of days before a password change is required — The number of days that must pass before the password must be changed.
* Number of days warning before password change — The number of days before password expiration during which the user is warned of the impending expiration.
* Number of days before the account is disabled — The number of days after a password expires before the account will be disabled.
* Date since the account has been disabled — The date (stored as the number of days since the epoch) since the user account has been disabled.
* A reserved field
|