--- usr.sbin/pwd_mkdb/pwd_mkdb.c.ORI	2009-06-10 21:11:21.000000000 +0200
+++ usr.sbin/pwd_mkdb/pwd_mkdb.c	2010-03-11 11:53:47.000000000 +0100
@@ -555,11 +555,12 @@
 					error("put");
 			}
 		}
-		/* Create original format password file entry */
-		if (is_comment && makeold){	/* copy comments */
-			if (fprintf(oldfp, "%s\n", line) < 0)
-				error("write old");
-		} else if (makeold) {
+		/* Create original format password file entry.
+		 * Don't copy comments since this could reveal
+		 * encrypted passwords if entries have been
+		 * simply commented out in master.passwd.
+		 */
+		if( makeold && !is_comment ) {
 			char uidstr[20];
 			char gidstr[20];