Quote:
Passwords are no longer stored in /etc/passwd. If you have access to /etc/shadow, then you already have root access to the target system anyway, either through the root password, or physical access.
Yes, I am using the term "password file" in the general since, as we have not discussed a specific system, algorithm, configuration, security policy, etc.
And, we are getting far off topic in my view; the original poster asked why there is a requirement for strong passwords versus weak ones; not for a discussion of every possible argument pro and con for security.
It's not that hard for an experienced attacker to gain root access; but that is not a topic for this thread. In fact, as we know, we can gain root access for most any computer we have physical access to.
Let's not go down that path.. thanks. The path just gets further and further off topic of the question asked by the original poster.