If you are adding a new user, you should use username cisco password 0 cisco
and it will be encrypted:
router(config)#username cisco password 0 cisco
router(config)#do sho run | i username cisco
username cisco password 7 045802150C2E
Now you can copy the encrypted password (045802150C2E) and configure it for the same or any other user on any router with username cisco password 7 045802150C2E. This feature allows for username portability.
Note that, the encrypted password can easily be cracked:
Though it has solved my problem to some extent but the mystery is still unsolved completely because once I use the 'do' command, I can create more then one user with level 7 password at the same time without using the 'do' command again for each user. I know this 'do' command is used to run exec level commands in global conf mode but Is the same command is any type of service also?
Sorry, I jammed all commands in 2 lines. You are right, the "do" command is just a convenient way of using exec commands from the config mode, it has no significance here.
What I meant to say is, when using "username cisco password 0 ..." the IOS is expecting you to type a clear text password. After that the IOS encrypts the password because "service password-encryption" is enabled:
you cannot enter a level 7 password in cleartext, level 7 expects an encrypted string. In order to enter ´cisco´ as an encrypted string, you first have to find out what the encrypted string looks like, once you know that, you can enter that string:
enable password 7 110A101614D
Try the following in order to see how it works:
Type ´enable password 0 cisco´ and then enable ´service password-encryption´. Write down the encrypted string you see in your configuration. Then reverse what you just did, that is, type ´no service password-encryption´ and ´no enable password 0 cisco´. Then, type ´enable password 7´ followed by the encrypted string you wrote down...