Prevent Log In to Accounts With Empty Password
If an account is configured for password authentication
but does not have an assigned password, it may be possible to log
into the account without authentication. Remove any instances of the 'nullok'
option in '/etc/pam.d/system-auth' to
prevent logins with empty passwords.