Error while giving level 7 password
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-24-2005 09:33 PM - edited 03-03-2019 09:08 AM
Hi,
While creating a user and giving a level 7 password on the cisco 3745 Router, its showing the following error:
Invalid encrypted password: cisco
But if I give it level 0 password which is unencrypted level, it takes it successfully. "service password-encryption" is also enabled.
Router(config)#username cisco password 7 cisco
Invalid encrypted password: cisco
regds
Ashish
HCL Infinet Ltd
India
- Labels:
-
Other Routers

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-24-2005 10:32 PM
Hi,
If you are adding a new user, you should use username cisco password 0 cisco
and it will be encrypted:
router(config)#username cisco password 0 cisco
router(config)#do sho run | i username cisco
username cisco password 7 045802150C2E
Now you can copy the encrypted password (045802150C2E) and configure it for the same or any other user on any router with username cisco password 7 045802150C2E. This feature allows for username portability.
Note that, the encrypted password can easily be cracked:
http://www.kazmier.com/computer/cisco-noswing.html
For a stronger password use username cisco secret 0 cisco
Reference:
Regards,
Mustafa
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-25-2005 11:25 PM
Though it has solved my problem to some extent but the mystery is still unsolved completely because once I use the 'do' command, I can create more then one user with level 7 password at the same time without using the 'do' command again for each user. I know this 'do' command is used to run exec level commands in global conf mode but Is the same command is any type of service also?
Thanx for your reply.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-26-2005 04:41 PM
Sorry, I jammed all commands in 2 lines. You are right, the "do" command is just a convenient way of using exec commands from the config mode, it has no significance here.
What I meant to say is, when using "username cisco password 0 ..." the IOS is expecting you to type a clear text password. After that the IOS encrypts the password because "service password-encryption" is enabled:
router(config)#username cisco password 0 cisco
router(config)#exit
router#show running-config
...
username cisco password 7 045802150C2E
...
Does that make sense?

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-24-2005 10:47 PM
Hello,
you cannot enter a level 7 password in cleartext, level 7 expects an encrypted string. In order to enter ´cisco´ as an encrypted string, you first have to find out what the encrypted string looks like, once you know that, you can enter that string:
enable password 7 110A101614D
Try the following in order to see how it works:
Type ´enable password 0 cisco´ and then enable ´service password-encryption´. Write down the encrypted string you see in your configuration. Then reverse what you just did, that is, type ´no service password-encryption´ and ´no enable password 0 cisco´. Then, type ´enable password 7´ followed by the encrypted string you wrote down...
HTH,
GP
