shadow password file

1. The original password is encrypted (or encoded) by using a randomly-generated value or encryption key between 1 and 4096 and a one-way hashing function to arrive at the encoded password that is actually stored. Note that the stored result is not something that you can enter as a password itself.
2. The key (referred to as the salt) is stored with the encoded password. Note the key itself can't be used to decode the encrypted/encoded password because the encoding is one-way. You can't decode the result back into the original password by using the key.
3. When someone enters a password, their password is then rehashed with the salt value and compared with the encoded password value. If they match, the user is given access to the system.

Read more about shadow password file: - Why shadow your passwd file? provides more information and tells where to download the Shadow Suite.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Trends in enterprise identity and access management The market for identity and access management (IAM) products is growing rapidly to meet varied business and compliance demands. What trends -- good... Societe Generale bolsters internal controls, discovers second insider Trader Jerome Kerviel conducted more than $7 billion in fraudulent trades with the help of an assistant, according to an investigation conducted by... What tools can a hacker use to crack a laptop password? Password cracking may be a hacker's specialty, but there are also many strategies to keep passwords secure.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary graphical password  (SearchSecurity.com) identity chaos  (SearchSecurity.com)