Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3367
Views
0
Helpful
2
Replies

IOS 15.4 Enable Secret issue

Go to solution
Brett Martin
Level 1
Level 1

‎01-04-2016 01:23 PM - edited ‎02-21-2020 05:40 AM

Hello,

My understanding is that enable secret type 4 is a security concern and the type 4 command is deprecated in IOS 15.4M.

I would like to create an enable secret using a plaintext password and have it encrypted so it is not visible from command line or the configuration file. I woulkd like to be able to "copy" this enable secret password into other devices as well. Is there a way to create an enable secret password in plaintext and have the router hash/encrypt it?

Thanks!

Brett

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Philip D'Ath
VIP Alumni
VIP Alumni

‎01-04-2016 04:55 PM

Simply type:

enable secret <plain text>

You can then copy either the plain text or encrypted version of the command to another device.

ps. I have written a type 5 password cracker in javascript.  It is fastest on Chrome.  If you can crack the password with this then you know you have chosen a weak password.

http://www.ifm.net.nz/cookbooks/cisco-ios-enable-secret-password-cracker.html

If you are using IOS 15.4 as you indicate, they you can use the much much much stronger scrypt algorithm.

enable algorithm-type scrypt secret <plain text password>

Once again, you can copy and paste either the plain or encrypted versions of this line to another Cisco router and have it work just fine.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Philip D'Ath
VIP Alumni
VIP Alumni

‎01-04-2016 04:55 PM

Simply type:

enable secret <plain text>

You can then copy either the plain text or encrypted version of the command to another device.

ps. I have written a type 5 password cracker in javascript.  It is fastest on Chrome.  If you can crack the password with this then you know you have chosen a weak password.

http://www.ifm.net.nz/cookbooks/cisco-ios-enable-secret-password-cracker.html

If you are using IOS 15.4 as you indicate, they you can use the much much much stronger scrypt algorithm.

enable algorithm-type scrypt secret <plain text password>

Once again, you can copy and paste either the plain or encrypted versions of this line to another Cisco router and have it work just fine.

0 Helpful

Go to solution
Brett Martin
Level 1
Level 1
In response to Philip D'Ath

‎01-06-2016 06:38 AM

Thank you for the clarification and instruction!!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card