Core issue
By default, the ISAKMP pre-shared key is in plain text on a router so that anybody who looks at the configuration can see it. It can also be encrypted to be hidden from everybody.
Resolution
Issue these commands in the config mode on the router to encrypt the Internet Security Association and Key Management Protocol (ISAKMP) pre-shared key in secure type 6 format in Non-Volatile RAM (NVRAM). These commands were introduced in the Cisco IOS Software Release 12.3(2)T:
key config-key password-encryption [master key]
password encryption aes
For more information on this issue, refer to Encrypt Pre-shared Keys in Cisco IOS Router Configuration Example.
For additional information, refer to Encrypted Preshared Key.