The /etc/passwd file in Linux Explained with Examples
The /etc/passwd file saves a database of local user accounts. There are two types of user accounts: local and network. Local user accounts work only on the local system. Network user accounts work on all network systems.
A server or a centralized system saves information about network users. Administrators create and configure many security policies for these accounts, such as allowed systems and time slots for login, login attempts, and account lock-out policies. By default, these accounts are not available on Linux systems. If you want to use a network user account to log in, you must first connect the system to the network and create a network user account on the server system. If a system is not attached to the network, you cannot use a network user account to log in.
Linux saves local user accounts' information in the /etc/passwd file on the local system. Regardless of the network status, you can always use a local user account to log in to the system. When you use a local user account to log in, Linux uses this file to check the username you entered. If the typed username is correct, it checks the /etc/shadow file to verify the password. If both are correct, it grants the login permission. If not, it denies the login request.
The /etc/passwd is a regular text file. You can use any available text editor to edit or update this file. For example, you can use Vi, Vim, Emacs, or Gedit. This file saves entries in lines. Each line represents a user account. For example, if this file has ten entries, there are ten user accounts.
Each entry has the following seven fields separated by colons (:).
- User name or login name
- Encrypted password
- User ID
- Group ID
- User details
- User's home directory
- User's login shell

User name
The first field saves user names. Each username must have a unique value. Two user accounts can not have the same username. The default limit of this field is 32 characters.

Because of this, a username cannot be more than 32 characters in length. In addition to it, you are also not allowed to use colons and newlines characters in the username. A colon is a field separator, and a newline is an entry separator. Besides colons and newlines, you can use any other characters or symbols. However, to avoid unnecessary confusion, you should use only alphanumeric characters in the username. Usernames are case-sensitive. For example, John and john are different usernames. Although you can use usernames in any case, lowercase names are traditional and easy to type.

This field gets value from the useradd command. The useradd command adds a new user account. It requires the username as a compulsory argument. It finds the given username in this file. If the given username is not present in this file and meets all requirements, it adds a new entry at the end of all entries and adds the given value to the first field of the entry.
Encrypted password
A long ago, Linux saved encrypted passwords in this field. At that time, DES was the default encryption algorithm. DES uses a 56-bit algorithm for encryption. In modern times, a 56-bit algorithm is considered a weak algorithm. Modern systems can easily crack this algorithm. Linux no longer uses this algorithm to encrypt passwords. Now, it uses MD5 or SHA-512 algorithms to encrypt passwords. These algorithms generate more secure but lengthy encrypted values for passwords. To enhance security, Linux no longer saves passwords in this file. It saves them in the /etc/shadow file. Now, this field saves a placeholder value X. The X here indicates that the password is available in another file.

User ID
Linux assigns a unique integer value to all user accounts. This value is called UID (user ID). Linux uses this value to track and manage all user actions, such as creating files, modifying system properties, starting applications and processes, etc. It reserves the first UID (0) for the root user account. After assigning the UID to the root user account, it assigns UIDs to system accounts such as bin, lp, mail, news, games, ftp, etc. UIDs of regular user accounts usually start from 1000.

Since Linux uses UID rather than login name to tack files, you should never assign the UID of a deleted user account to a new user account. If files created under deleted accounts exist in the system, the new user will be mapped with those files automatically.
Group ID
Managing services based on individual user accounts is the most tedious task. Grouping makes this job easier. A group is a collection of user accounts that are alike or require access to a particular resource. For example, you want twenty users to access a specific file. Without grouping, you would have to set the permission twenty times. But with grouping, you can do it in one go.
A user can belong to one or more groups. While creating a user account, if you do not specify the group name, the shell automatically creates a new group and adds the user account. This group is known as the primary or default group of the user. After creating the user account, you can add it to other groups. Apart from the primary group, all other groups are considered secondary groups.
The fourth field in each line stores the GID of the user's primary group. Group information of a user account is stored in /etc/group file separately. Just like usernames, a group name also has a unique ID. It is called GID. Linux uses GID instead of group names to track, monitor, and authenticate group activities.

User description
The fifth field stores descriptive information about the user account. For example, you can use this field to save the user's full name, email address, phone number, position in the organization, etc. The chfn command adds this information.

Home Directory
The sixth field stores information about the user's home directory. The login process uses this information to decide where to put the user immediately after login. In other words, this is the default directory that the user gets immediately after the login process. If you skip this information when creating a user, the shell automatically sets it to /home/username.

Login shell
The last field stores information about the user's default shell. While creating a regular user account, if you skip this information, it uses the default shell. The default shell for a regular user account is /bin/bash.

Some special accounts never require shell access. Administrators usually assign a fake shell such /bin/false or set this field to blank in these accounts. This precaution prevents hackers from breaking the system through these accounts.
This tutorial is part of the tutorial series 'Linux User and Group Management Explained with Examples'. Other parts of this series are the following.
Chapter 01 Difference between the root user and super (sudo) user
Chapter 02 Linux User Management Explained with Examples
Chapter 03 Linux Group Management Explained with Examples
Chapter 04 Password aging policy Explained with chage command
Chapter 05 The /etc/group File Explained
Chapter 06 The /etc/gshadow File Explained
Chapter 07 The /etc/passwd file in Linux Explained with Examples
Chapter 08 The /etc/shadow file in Linux Explained with Examples
Chapter 09 The useradd command Explained
Chapter 10 The gpasswd command Explained
Chapter 11 The chage command Examples and Usages
Conclusion
The /etc/passwd file saves login information for local user accounts. The login process uses this file to authenticate local login attempts. This file has seven fields. This tutorial explained these fields through examples.
Author Laxmi Goswami Updated on 2026-04-11