Some accounts are not associated with a human user of the system, and exist to perform some
administrative functions. An attacker should not be able to log into these accounts.
System accounts are those user accounts with a user ID less than 1000.
If any system account other than root, halt, sync, shutdown
and nfsnobody has an unlocked password, disable it with the command:
$ sudo usermod -L account