UNIX was designed on the concept that the encrypted forms of passwords in the /etc/passwd file could be read by those having access to this file, which stored the full account information. However, in practice, users tend to use guessable passwords, which can be easily cracked.
A program called “crack” was developed that could guess dictionary words (/usr/dict) and then brute-force the system. Using “crack,” researchers found that on an average UNIX system, 90% of all passwords could be cracked with just a few days’ worth of computing time. To solve this very real problem, a “shadow” password file was developed for UNIX. Thus, the encrypted passwords are removed from the /etc/passwd file and placed in a special /etc/shadow file readable only by root.
Graham, R. Hacking Lexicon. [Online, 2001.] Robert Graham Website: http://www.linuxsecurity.com/resource_files/documentation/hacking-dict.html.