Advertisement
Online Test Banks
Score higher
See Online Test Banks
eLearning
Learning anything is easy
Browse Online Courses
Mobile Apps
Learning on the go
Explore Mobile Apps
Dummies Store
Shop for books and more
Start Shopping

Cisco Networking: Setting the Enable Password

The enable password is used when you move from User EXEC mode to Privileged EXEC mode on a Cisco device. This condition gives you security on your switch because Privileged EXEC mode is where all the dangerous commands are, including Global Configuration mode. To set an enable password you would use the following command:

Switch1>enable
Switch1#configure terminal
Switch1(config)#enable password mypass

This command creates an enable password that is stored in the configuration file. To view this password, show your running configuration using the following command:

Switch1>enable
Password:
Switch1#show running-config | include enable password
enable password mypass

The problem with the enable password is that it is stored in plain text in the configuration file. Anyone with access to your configuration file can read your password without any trouble. Cisco’s solution to this problem was to create a new type of password called the secret password.

When you configure both an enable and a secret password, the secret password is the password that will be used to change from User EXEC mode to Privileged EXEC mode, instead of the weaker enable password. The following code sets both passwords for your switch:

Switch1>enable
Switch1#configure terminal
Switch1(config)#enable password mypass
Switch1(config)#enable secret mysecret

To see this in your configuration, use the following command:

Switch1>enable
Password:
Switch1#show running-config | include enable
enable secret 5 $1$BSX4$FZp.ZFvYSAGUEDn8dvr140
enable password mypass

Most encrypted passwords in your configuration file use a weak reversible encryption and will be identified by a 7 in the password line, whereas the secret password is encrypted with a one-way MD5 hash with a 5 denoted in the password line. You may also see a 0 that identifies it as an unencrypted password.

blog comments powered by Disqus
Advertisement
Advertisement

Inside Dummies.com

Dummies.com Sweepstakes

Win an iPad Mini. Enter to win now!