Comment 1 for bug 1851300

I've selected the most likely packages to be involved, based on a guess. Without knowing how the user attempted to set their password though, this is going to be pretty impossible to track down.

/etc/passwd hasn't had passwords stored in it by default for something like 25 years. My best guess at the moment is some vastly inappropriate tool was used somewhere along the way (with suspicion leaning towards web-based 'consoles').

If you can figure out how this happened (or better yet, tell us how to recreate it), please do report back and mark the bug New again.

Thanks