Technically the user 'user' has an invalid password hash. Unix platforms store user passwords as a hash instead of plain text. To login in you type your password. The server calculates a hash based what you typed in. It then compares the computed hash to the stored hash. If they match then you are let in. If the stored password hash is invalid. You can never get logged in.