topic Re: user password vs. user secret in Network Access Control https://community.cisco.com/t5/network-access-control/user-password-vs-user-secret/m-p/988719#M386039 <HTML><HEAD></HEAD><BODY><P>In most cases using MD5 password will probably be the better option. I can think of one scenario where use of non-MD5 password can be helpful.</P><P></P><P>Let's say security isn't a concern for a router, which sits behind a firewall on the trusted side of the network. The router configuration is backed up periodically. If the network admin forgot the password then he could pull the backed up configuration and retrieve the password. Instead, if MD5 password was used performing password recovery on the router would be the only option. </P><P></P><P>There can be other reasons why use of non-MD5 password might be a better option. But, under normal circumstances MD5 will give you the extra security to protect password from being decoded.</P><P></P><P>HTH</P><P></P><P>Sundar</P></BODY></HTML> Wed, 19 Mar 2008 18:13:00 GMT sundar.palaniappan 2008-03-19T18:13:00Z user password vs. user secret https://community.cisco.com/t5/network-access-control/user-password-vs-user-secret/m-p/988718#M386032 <P>Most IOS configs (mine included!) seem to use passwords instead of secrets for local users.</P><P></P><P>If <B>password</B> is weak, reversible encryption, and <B>secret</B> is md5, is there a reason other than habit why people don't use the stronger one?</P><P></P><P>Just curious. </P><P></P><P>Paul</P> Sun, 10 Mar 2019 22:44:06 GMT https://community.cisco.com/t5/network-access-control/user-password-vs-user-secret/m-p/988718#M386032 pnicolette 2019-03-10T22:44:06Z Re: user password vs. user secret https://community.cisco.com/t5/network-access-control/user-password-vs-user-secret/m-p/988719#M386039 <HTML><HEAD></HEAD><BODY><P>In most cases using MD5 password will probably be the better option. I can think of one scenario where use of non-MD5 password can be helpful.</P><P></P><P>Let's say security isn't a concern for a router, which sits behind a firewall on the trusted side of the network. The router configuration is backed up periodically. If the network admin forgot the password then he could pull the backed up configuration and retrieve the password. Instead, if MD5 password was used performing password recovery on the router would be the only option. </P><P></P><P>There can be other reasons why use of non-MD5 password might be a better option. But, under normal circumstances MD5 will give you the extra security to protect password from being decoded.</P><P></P><P>HTH</P><P></P><P>Sundar</P></BODY></HTML> Wed, 19 Mar 2008 18:13:00 GMT https://community.cisco.com/t5/network-access-control/user-password-vs-user-secret/m-p/988719#M386039 sundar.palaniappan 2008-03-19T18:13:00Z