Solved

CISCO IOS Enable secret and password?

Posted on 2006-11-29
6
2,345 Views
Last Modified: 2012-08-13
What is the different between those 2?
enable password and enable secret?

I often see that enable password 7 <password>
what is the number stand for? Based on my research 7 is a weak encryption algorithim? why they don't use the strongest one?
say enable password 5 <passsword>

0
Comment
Question by:kecoak
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 500 total points
ID: 18042072
Enable secret uses "5". You are correct in what those numbers mean in terms of the encryption level. Regular enable password is a reversible encryption, enable secret is not reversible. There are plenty of utilities out there to decrypt the former for you. this isn't always a bad thing- If you break into a router and need to get the password without changing it, it's helpful. But for best security, always use enable secret.
0
 
LVL 5

Expert Comment

by:WGhen
ID: 18042187
Might want "service password encryption" too

WGhen
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 18042307
That is what activates that reversible encryption. Without it, everything but enable secret will be in clear text.
0
Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

 

Author Comment

by:kecoak
ID: 18042314
Is that possible to have enable password 5 <password>?
I don't understand whether "5" is always combine with "secret" ? or can it be combine with any other number? any references for this?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 18042357
No, it isn't. IOS puts it in there as a reference when it reads the password so it knows how to interpret it.
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 18045201
Mike has it all, So just to add;

7 means MD7 and 5 means MD5

There are so many sites/programs out there which will decrypt an MD7 password in seconds.

Cheers,
Rajesh
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question