The number '7' indicates that the password has been encrypted. Router(config)#service password-encryptionĭisplaying the running config will show the following: To enable password encryption, do the following: To configure an enable password, do the following: It is better to use secret passwords with local authentication as the secret passwords are a lot harder to crack. Service password encryption would prevent that person seeing the passwords in clear text. Cisco says that this encryption should be used for a situation where someone is looking over your shoulder and you type “show run” or another command that displays passwords. WARNING: Service password encryption uses weak encryption and can easily be cracked. It will encrypt the enable password as well as encrypting all other clear text passwords on your router including the VTY, AUX, console and user passwords. Service password encryption will encrypt passwords. People will also be able to see your passwords if they are saved on a TFTP server or disk as they are all in clear text. That means that anyone standing behind you when you type the commands “show running-config” or “show startup-config” will be able to see your passwords. The enable password is stored by default as clear text in the router or switch’s running configuration. One fundamental difference between the enable password and the enable secret password is the encryption used. Only use this tool for legitimate training purposes. Note: Enter the encrypted password without the 7 in front and Service password encryption is just a false sense of security.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |