From Archlinux git
Set a default root password.
This will prevent root login with an empty password on a fresh Arch Linux
This is only about the default behaviour, you could restore the previous one by
passwd -d root'.
Please note, this is not recommended and behave inconsistenly between
We use a trick in the shadow file to set a default password which never allow
login by using this password.
The special value '' is used in the shadow file.
We don't use '!', '!!', '!' on purpose.
The special '!' char, which should mean password locked (and not account locked)
is interpreted by some applications (e.g. sshd) as an account locked and will
prevent root login.
This change was suggested by Lennart Poettering and Zbigniew Jedrzejewski-Szmek