Encrypt Passwords on Cisco Router

| Comments

By default, when adding a username and password to a Cisco router or switch, the password will show up as clear text. So the question then becomes:

How do you encrypt the password on a Cisco Router?

You should avoid creating a username like this:
username TESTUSER password TESTPASS

This will result in a clear text password in the configuration. To encrypt all of the passwords after that has been done you can do the following command:

service password-encryption

However that only does a very weak encryption. It only does a type 7 encryption which is incredibly easy to decipher. A quick google search and you’ll find many password decrypting tools to break those types of passwords.

A more secure password encryption is to use the secret command as in the following:
username TESTUSER secret TESTPASS

This will create level 5 encryption by default and doesn’t even require you to use the ‘service password-encryption’ command.

cisco, ios, passwords, router, switch, troubleshooting

Comments