Microprocessor-efficient user ID administration with the mkpasswd command
To improve login response time and conserve microprocessor time in systems with many users, the operating system can use a indexed version of the /etc/passwd file to look up user IDs. When this facility is used, the /etc/passwd file still exists, but is not used in normal processing.
The indexed versions of the file are built by the mkpasswd command. If the indexed versions are not current, login processing reverts to a slow, microprocessor-intensive sequential search through /etc/passwd.
The command to create indexed password files is mkpasswd -f. This command creates indexed versions of /etc/passwd, /etc/security/passwd, and /etc/security/lastlog. The files created are /etc/passwd.nm.idx, /etc/passwd.id.idx, /etc/security/passwd.idx, and /etc/security/lastlog.idx. Note that this will greatly enhance performance of applications that also need the encrypted password (such as login and any other program that needs to do password authentication).
Applications can also be changed to use alternative routines such as _getpwent() instead of getpwent(), _getpwnam_shadow(name,0) instead of getpwnam(name), or _getpwuid_shadow(uid,0) instead of getpwuid(uid) to do name/ID resolution in cases where the encrypted password is not needed. This prevents a lookup of /etc/security/passwd.