"The [redacted to please Cloudflare who block anything that looks like a path] passwd database is not extensible, and therefore Linux has evolved numerous secondary databases that are stored elsewhere, such as [redacted to please Cloudflare] shadow, a privileged location used for encrypted password hashes and other password-related fields, such as the maximum time before a password expires."
Linux has evolved no such thing. It's simply inherited it from Unix
It was a necessary step for Unix to evolve in that way after the sort of incident described in "The Cuckoo's Egg". The password file has to be world readable because user programs such as ls and chown need to be able to map UIDs to user names and is small enough to be exfiltrated even over a dial-up modem link. Once desktop processing power became sufficient to crack the encryption then in use in passwd the actual passwords needed to be moved into a separate file which could be privileged because only a limited number of system programs needed access.
We now have a lot of fussing about state and configuration to satisfy some arbitrary scheme about directory usage. Stuff that. Unix directory usage, like the rest of the system, was designed on practical grounds. We're seeing the steady destruction of a working, practical system design to satisfy the ego of a Jonny-come-lately. If he wants to design a system to his own notions let him go ahead and do that from scratch and get out of everybody else's hair.