Difference between enable secret command and service password-encryption

rmv72 · ‎05-20-2003

"If you enable the service password-encryption command, the password you enter is encrypted. When you display the password with the more system:running-config command, the password displays the password in encrypted form."

But when i read my config i see:

no service password-encryption

!

hostname ...........

!

enable secret 5 $1$P4W8$qBWR/t........FPzkgiBoV/

!

My password already encrypted! Than which different of purposes enable secret &service password-encryption ?

dnagarajachary · ‎05-20-2003

service password-encryption, not only enables the enable password, but also all the passwords, like vty line passwords, console passwords etc

-Deepu

rmv72 · ‎05-20-2003

it means that if apply service password-encryption than my secret password in config will be encrypted again and also other passwords ?

kthanuva · ‎05-20-2003

Hi,

Service password Encrption is used to encrypt all the passwords available in the configuration.

For ex: if you are having enable password ,pap,chap password in ur configuration.then If you turn on service password encryption it will encrypt all the password.(enable password,pap,chap passwords)

The enable secret command provides better security by storing the enable secret password using a non-reversible cryptographic function. The added layer of security encryption provides is useful in environments where the password crosses the network

Regards

Kiruba

rwiesmann · ‎05-20-2003

Hi

The enable secret password is always encrypted independent of the

service password-encryption command.

If you enable the service password-encryption passwords like the enable password or the login password and the username password will be encrypted.

Hope that helps

Regards

Roger