A typical entry in the passwd file would look like this:
juniper:x:500:500:Dragon Mage:/home/juniper:/bin/bashexcept that the 'x' after the username would usually be a series of gobbledygook symbols, if password shadowing is not enabled.
The first section of that line is the user's username. The second section is her password. The third section is her User ID (UID), the fourth is her Group ID (GUID). The fifth section is her name as it appears in a finger command. The sixth is the location of her files, commonly called her home directory, and the seventh is the type of shell that she is using.
This information should take up only one line in the passwd file. If it scrolls, it will cause problems for the user later on. Make a note of this when editing the passwd file.
All of these fields, with the exception of the user's name, must have data in them or the account will not function correctly or safely. An account with nothing in the password field is unlocked and available for anyone to use. This is a bad idea.
To change the type of shell that a user starts with, change the /bin/bash (the default) to /bin/tcsh or whatever other shell the user wants.
There are two common ways of disabling a user's account without deleting the account. The first is to put a # mark in front of the user's line in the password file. The second is to replace her encoded password with an *. The first is relatively easy to undo; the second requires resetting her password.
Leaving the passwords accessible in the /etc/passwd file, even encrypted, is not a wise idea; it allows anyone with an account on the system to examine the passwords and possibly decrypt them. Implementing shadow passwords is reasonably simple and will save the system administrator a great deal of trouble later on.