Password Attacks
Credential Storage
Linux
/etc/shadow
contains the hashes
Format: $id$salt$hash$
Hash algorithm ID:
In the past, the encrypted password was stored together with the username in the /etc/passwd
file, but this was increasingly recognized as a security problem because the file can be viewed by all users on the system and must be readable. The /etc/shadow
file can only be read by the user root
.
passwd file
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Windows
Last updated