Historical Analysis: When Did Linux/Debian Store Passwords in Plain Text in /etc/passwd?



In the early days of Unix (which Linux and Debian inherited), passwords were indeed stored in plain text within the /etc/passwd file. This was the standard practice until security concerns emerged in the late 1970s. The /etc/passwd file originally contained all user account information including:

username:x:1000:1000:User Name,,,:/home/username:/bin/bash

The vulnerability of storing passwords in world-readable /etc/passwd led to the development of shadow passwords. Here's how the transition worked:

  1. Original format (insecure):
    username:plaintextpassword:1000:1000:User Name,,,:/home/username:/bin/bash
  2. Modern format with password hash (still in /etc/passwd):
    username:hashvalue:1000:1000:User Name,,,:/home/username:/bin/bash
  3. Current standard with shadow file:
    /etc/passwd: username:x:1000:1000:User Name,,,:/home/username:/bin/bash
    /etc/shadow: username:$6$salt$hashvalue:18047:0:99999:7:::

The key milestones in password storage security:

  • 1971-1979: Plain text passwords in /etc/passwd
  • 1979: Unix Version 7 introduced password hashing using crypt()
  • 1987: Shadow password suite introduced by Julie Haugh
  • 1992: Linux adopted shadow passwords
  • Debian: Always used shadow passwords since its inception in 1993

If you encounter an old Unix system, you can check for plain text passwords with:

# List entries whose password field is something other than x, * or !
# (a hash, a plain text password or an empty field)
grep -v '^[^:]*:[x*!]:' /etc/passwd

# Check if shadow passwords are enabled
test -e /etc/shadow && echo "Shadow passwords enabled" || echo "No shadow file"

Today's Linux systems use sophisticated password hashing algorithms. The /etc/login.defs configuration determines the hashing method:

# Example of modern hash in /etc/shadow
username:$y$j9T$salt$hashedvalue:18047:0:99999:7:::

# Available hashing methods in modern systems:
# 1) MD5 (insecure)
# 2) SHA-256/SHA-512 (better)
# 3) yescrypt (current default in Debian)

Understanding this history is crucial because:

  • Legacy systems might still use insecure methods
  • Password recovery methods differ based on storage mechanism
  • Security audits need to account for password storage methods

For modern systems, always ensure /etc/passwd contains 'x' in the password field and actual hashes are in /etc/shadow with proper permissions (0400).
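The following is an added example, not part of the original page: it extends the grep check above into a classifier for the second field of passwd- or shadow-format lines, using the `$6$` and `$y$` prefixes shown on this page plus `$1$` (MD5) and `$5$` (SHA-256). The function names and the sample accounts are constructed for illustration; on a real system, pass `/etc/passwd` or `/etc/shadow` as the argument.

```shell
#!/bin/sh
# Classify the password field (field 2) of passwd- or shadow-format lines.
# Prints one "user<TAB>class" line per account. Reads the files given as
# arguments, or standard input when none are given.
classify_pw_field() {
    awk -F: '
    function classify(p) {
        if (p == "x")                 return "shadowed"
        if (p == "")                  return "empty"
        if (p ~ /^[*!]/)              return "locked"
        if (substr(p, 1, 3) == "$1$") return "md5crypt"
        if (substr(p, 1, 3) == "$5$") return "sha256crypt"
        if (substr(p, 1, 3) == "$6$") return "sha512crypt"
        if (substr(p, 1, 3) == "$y$") return "yescrypt"
        if (substr(p, 1, 1) == "$")   return "other-modular-hash"
        # Traditional DES crypt() output: 13 characters from [./0-9A-Za-z].
        # A plain text password of that shape lands here too, hence "candidate".
        if (length(p) == 13 && p ~ "^[./0-9A-Za-z]+$") return "des-crypt-candidate"
        return "non-hash-value"   # possibly a plain text password
    }
    /^#/ || NF < 2 { next }
    { printf "%s\t%s\n", $1, classify($2) }
    ' "$@"
}

# Constructed sample lines (not taken from any real system).
sample_lines() {
    cat <<'EOF'
alice:x:1000:1000:Alice,,,:/home/alice:/bin/bash
bob:hunter2:1001:1001:Bob,,,:/home/bob:/bin/sh
carol:abCONSTRUCTED:1002:1002:Carol,,,:/home/carol:/bin/sh
dave:$6$salt$hashvalue:18047:0:99999:7:::
erin::1004:1004::/home/erin:/bin/sh
frank:*:1005:1005::/home/frank:/usr/sbin/nologin
grace:$y$j9T$salt$hashedvalue:18047:0:99999:7:::
EOF
}

sample_lines | classify_pw_field
```

Any account reported as `empty`, `non-hash-value`, `des-crypt-candidate` or `md5crypt` is the kind of legacy storage an audit should flag.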


In the original Unix implementations (which Linux/Debian inherited), passwords were indeed stored as plain text in /etc/passwd. This was the standard practice until around 1976. The /etc/passwd file was world-readable because many system utilities needed access to user information like UIDs and home directories.


# Example of early /etc/passwd format (pre-1976)
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin

After realizing the security implications, Dennis Ritchie and Robert Morris developed the first password hashing scheme. They introduced:

  • One-way encryption using the crypt() function
  • A modified DES algorithm as the hashing mechanism
  • Password hashes stored in the second field (replacing 'x')

Modern Linux systems use shadow passwords (/etc/shadow) which:


# /etc/shadow entry format
username:$6$salt$hash:18000:0:99999:7:::

Where:

  • $6$ indicates SHA-512 hashing
  • salt is a random value for each password
  • hash is the actual hashed password

You can check historical password storage through:


# List /etc/passwd entries whose password field is not 'x'
# (anchored to the second field so ':x:' elsewhere in a line is ignored)
grep -v '^[^:]*:x:' /etc/passwd

# View password hash format in /etc/shadow
sudo grep '^root' /etc/shadow

The transition from plaintext to hashed passwords addressed several vulnerabilities:

  • Prevented direct password exposure
  • Made brute-force attacks more difficult with salts
  • Allowed separate permission controls via /etc/shadow

Key milestones in password storage:

Year    Development
1969    Original Unix with plaintext passwords
1976    crypt() introduced in Unix 4th Edition
1987    Shadow password suite introduced