If the password field contains some string that is not a valid result of crypt(3), for instance ! or *, users will not be able to use a unix password to access the group (but group members do not need the password).
The password is used when a user who is not a member of the group wants to gain the permissions of this group (see newgrp(1)).
A password field which starts with an exclamation mark means that the password is locked. The remaining characters on the line represent the password field before the password was locked.
This password supersedes any password specified in /etc/group.
You should use the same list of users as in /etc/group.