Information
An account with an empty password field means that anybody may log in as that user without providing a password at all (assuming that PASSREQ=NO in /etc/default/login).
Solution
Use the passwd -l command to lock accounts that are not permitted to execute commands (shown by *LK* in the password field). Use the passwd -N command for accounts that do not use a password to login but must execute commands (shown by NP in the password field).