How Passwords Are Stored
The system verifies authenticity and identity using user credentials.
Originally, encrypted passwords were stored in the /etc/passwd file, which was readable by everyone. This made it rather easy for passwords to be cracked.
On modern systems, passwords are actually stored in an encrypted format in a secondary file named /etc/shadow.
Only those with root access can read or modify this file.
Password Encryption
Protecting passwords has become a crucial element of security. Most Linux distributions rely on a modern password encryption algorithm called SHA-512 (Secure Hashing Algorithm 512 bits), developed by the U.S. National Security Agency (NSA) to encrypt passwords.
The SHA-512 algorithm is widely used for security applications and protocols. These security applications and protocols include TLS, SSL, PHP, SSH, S/MIME and IPSec. SHA-512 is one of the most tested hashing algorithms.
For example, if you wish to experiment with SHA-512 encoding, the word “test” can be encoded using the program sha512sum to produce the SHA-512 form.
Good Password Practices
- Password aging, implemented with chage.
- Requiring users to set strong passwords with Pluggable Authentication Modules (PAM). PAM configuration is implemented using a library called pam_cracklib.so, which can also be replaced by pam_passwdqc.so to take advantage of more options.
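As an added example (not part of the original page), the following Python sketch audits /etc/shadow-style entries for the two points above: whether each stored password uses SHA-512 and whether password aging is set. It goes beyond the text by relying on the standard colon-separated shadow field layout and crypt scheme prefixes such as `$6$`; the sample entries are constructed and the function names are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

# crypt(3) scheme ids that can appear in the second /etc/shadow field
SCHEMES = {"1": "MD5", "5": "SHA-256", "6": "SHA-512", "y": "yescrypt"}

# Constructed sample entries; salts and hashes are placeholders, not real values.
SAMPLE = """\
alice:$6$SALTPLACEHOLDER$HASHPLACEHOLDER:19700:0:90:7:::
bob:$1$SALTPLACEHOLDER$HASHPLACEHOLDER:15000:0:99999:7:::
daemon:*:19000:0:99999:7:::
carol:!$6$SALTPLACEHOLDER$HASHPLACEHOLDER:19700:0:90:7:::
"""

@dataclass
class Entry:
    user: str
    scheme: str               # hashing scheme, or "none" if no hash is set
    locked: bool              # password field starts with "!" or "*"
    max_days: Optional[int]   # maximum password age; None = no aging

def parse_line(line: str) -> Entry:
    # name:password:lastchange:min:max:warn:inactive:expire:reserved
    fields = line.strip().split(":")
    if len(fields) < 5:
        raise ValueError(f"not a shadow entry: {line!r}")
    user, pw, max_field = fields[0], fields[1], fields[4]
    body = pw.lstrip("!*")
    if body.startswith("$"):
        scheme = SCHEMES.get(body.split("$")[1], "unknown")
    else:
        scheme = "DES or unknown" if body else "none"
    # An empty max field or the conventional 99999 means no aging limit.
    max_days = int(max_field) if max_field and int(max_field) < 99999 else None
    return Entry(user, scheme, pw.startswith(("!", "*")), max_days)

def audit(text: str) -> list:
    findings = []
    for line in filter(str.strip, text.splitlines()):
        e = parse_line(line)
        if e.scheme == "none":
            continue  # no password hash to check (e.g. service accounts)
        if e.scheme != "SHA-512":
            findings.append((e.user, f"uses {e.scheme}, not SHA-512"))
        if e.max_days is None and not e.locked:
            findings.append((e.user, "no password aging"))
    return findings

if __name__ == "__main__":
    for user, problem in audit(SAMPLE):
        print(f"{user}: {problem}")
```

Run as root, `audit(open("/etc/shadow").read())` applies the same checks to the real file; a "no password aging" finding is what `chage -M` is used to correct.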