6.8.  Shadow Passwords.

  Shadow passwords are a means of keeping your encrypted password
  information secret from normal users. Normally, this encrypted
  passwords are stored in /etc/passwd file for all to read. Anyone can
  then run password guesser programs on them and attempt to determine
  what they are.  Shadow passwords, by contrast, are saved in
  /etc/shadow, which only privileged users can read. In order to use
  shadow passwords, you need to make sure all your utilities that need
  access to password information are recompiled to support them. PAM
  (above) also allows you to just plug in a shadow module; it doesn't
  require re-compilation of executables.  You can refer to the Shadow-
  Password HOWTO for further information if necessary.  It is available
  at http://metalab.unc.edu/LDP/HOWTO/Shadow-Password-HOWTO.html It is
  rather dated now, and will not be required for distributions
  supporting PAM.