Showing results for 
Search instead for 
Did you mean: 
Cisco Community November 2020 Spotlight Award Winners

ACS 5.x: CLI Password Recovery Procedure





This document describes how to recover lost command line administrator credentials on the Access Control System 5.x (ACS 5.x). The procedure illustrated in this document is based on Cisco ACS 5.3.




Readers of this document should be aware of these conditions.

  • Before you begin the procedure, ensure that you have a successful serial console or keyboard/monitor connection to the ACS 5.x. The baud rate used is 9600 on the serial connection. 
  • You must have the ACS 5.x Recovery DVD in order to perform this procedure. In order to obtain a recovery DVD, you need to contact Cisco TAC.


Step-by-Step Procedure


Complete these steps to reset the CLI administrator account.


   1. Insert the ACS 5.x Recovery DVD into the DVD drive of ACS.


   2. Reboot the ACS 5.x.


     The console displays:


Welcome to Cisco Secure ACS 5.1 Recovery - CSACS 1121


To boot from hard disk press <Enter>


Available boot options:

[1] Cisco Secure ACS 5.1 Installation (Keyboard/Monitor)

[2] Cisco Secure ACS 5.1 Installation (Serial Console)

[3] Reset Administrator Password (Keyboard/Monitor)

[4] Reset Administrator Password (Serial Console)


<Enter> Boot from hard disk


Please enter boot option and press <Enter>.




   3. To reset the administrator password, at the system prompt, enter 3 if you are using a keyboard and video monitor, or enter 4 if you are using a serial console port.


   4. The console displays the name of all the administrators configured on the ACS 5.x


Admin username:






Enter number of admin for password recovery:


   5. Enter the number against the adminstrator username of which you want to reset the password. For the user "david", enter 1 at the prompt.


   6. Enter the new password for the administrator account and verify it. Enter Y to save the new password.




Verify password:


Save change&reeboot? [Y/N]:


   7. Now, remove the ACS 5.x Recovery DVD and reboot the ACS.


Related Information


You can refer to the Installation and Upgrade Guide for the Cisco Secure Access Control System 5.3 for more information on this subject.


I already dit the following step, but why i cannot login with recovered password ??


Ran into the same issue today. Did you ever get in or did you end up rebuilding?

Cisco Employee

Hi James,

What is the ACS versions you are using ?




I've tried using the ACS ISO and the Recovery.iso that TAC provided.
I have the same result on all three SNS-3415s  (two production, one lab).

The menus all work, it displays the appropriate administrator accounts, it prompts for a new password and verification and prompts to save.
I then select (q) to reboot and find myself with the same password I had before attempting the recovery.

I was hoping that afdhalalhabsy had found a solution.
I'll start my own thread and solicit advice from the group.

Cisco Employee

Hi James,

We have bug(CSCuy45998) for it .Please install patch4 and try for it .



Please rate helpful posts and mark correct answers.

Hi good article,


But, the recovery password makes the config of tacacs get lost too?

Content for Community-Ad