When I first studied Unix a few years ago, I read that one should use an
asterisk to denote an impossible (i.e. unusable) password because
asterisks are not in the set of ciphertext characters used by the Unix
password encryption scheme.
On our Red Hat Linux and Solaris systems, "x" is used in the password
file to indicate that the password is located in the shadow file.
Also, "NP" is often used to denote an impossible password.
--Avi
Larry Jones wrote:
>
> Tony Cleveland writes:
> >
> > Aside from any technical issues, doesn't a "*" in the password field of the
> > password file typically indicate a locked account?
>
> It's what's traditionally used in /etc/passwd when shadow passwords are
> in use; this usage seems analogous -- "the password is not here, it is
> stored elsewhere". It *does* have the convenient property of being an
> impossible password string, so if the "somewhere else" doesn't exist or
> doesn't contain a password for this particular user, the account is
> automatically disabled. Most people I know use "x" (which is also an
> impossible password string) for intentionally disabled accounts.
