Many programs require access to user information such as shell, real name, and so on. In older UNIX systems, this was stored in the /etc/passwd file, along with the actual hashed password, and everyone could read this file. This became a problem as UNIX spread into universities. Computer science students had great fun trying to crack hashed passwords, and regretfully they succeeded on too many occasions. Hackers targeted the password file, which was easy to read because of the sloppy permissions. Eventually, the hashed passwords were moved to /etc/master.passwd. The /etc/passwd file remained as an information source for other programs, but was sanitized to remove any sensitive information.
The /etc/passwd file is generated from the /etc/master.passwd file by stripping out the class, change, and expire fields. The hashed password is replaced with an asterisk. The fields that remain are:
username
password (asterisk)
user ID number
group ID number
gecos
home directory
shell
See /etc/master.passwd for details on these fields.