Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

CISCO IOS Enable secret and password?

Posted on 2006-11-29
6
2,331 Views
Last Modified: 2012-08-13
What is the different between those 2?
enable password and enable secret?

I often see that enable password 7 <password>
what is the number stand for? Based on my research 7 is a weak encryption algorithim? why they don't use the strongest one?
say enable password 5 <passsword>

0
Comment
Question by:kecoak
6 Comments
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 500 total points
ID: 18042072
Enable secret uses "5". You are correct in what those numbers mean in terms of the encryption level. Regular enable password is a reversible encryption, enable secret is not reversible. There are plenty of utilities out there to decrypt the former for you. this isn't always a bad thing- If you break into a router and need to get the password without changing it, it's helpful. But for best security, always use enable secret.
0
 
LVL 5

Expert Comment

by:WGhen
ID: 18042187
Might want "service password encryption" too

WGhen
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 18042307
That is what activates that reversible encryption. Without it, everything but enable secret will be in clear text.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:kecoak
ID: 18042314
Is that possible to have enable password 5 <password>?
I don't understand whether "5" is always combine with "secret" ? or can it be combine with any other number? any references for this?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 18042357
No, it isn't. IOS puts it in there as a reference when it reads the password so it knows how to interpret it.
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 18045201
Mike has it all, So just to add;

7 means MD7 and 5 means MD5

There are so many sites/programs out there which will decrypt an MD7 password in seconds.

Cheers,
Rajesh
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question