Auditor from a Large accounting firm delivered a scathing report about how we had completely insecure passwords in our environment.
Evidence?
Every password entry in /etc/passwd on Solaris was '*'.