[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

CISCO IOS Enable secret and password?

Posted on 2006-11-29
6
Medium Priority
?
2,373 Views
Last Modified: 2012-08-13
What is the different between those 2?
enable password and enable secret?

I often see that enable password 7 <password>
what is the number stand for? Based on my research 7 is a weak encryption algorithim? why they don't use the strongest one?
say enable password 5 <passsword>

0
Comment
Question by:kecoak
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 2000 total points
ID: 18042072
Enable secret uses "5". You are correct in what those numbers mean in terms of the encryption level. Regular enable password is a reversible encryption, enable secret is not reversible. There are plenty of utilities out there to decrypt the former for you. this isn't always a bad thing- If you break into a router and need to get the password without changing it, it's helpful. But for best security, always use enable secret.
0
 
LVL 5

Expert Comment

by:WGhen
ID: 18042187
Might want "service password encryption" too

WGhen
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 18042307
That is what activates that reversible encryption. Without it, everything but enable secret will be in clear text.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:kecoak
ID: 18042314
Is that possible to have enable password 5 <password>?
I don't understand whether "5" is always combine with "secret" ? or can it be combine with any other number? any references for this?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 18042357
No, it isn't. IOS puts it in there as a reference when it reads the password so it knows how to interpret it.
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 18045201
Mike has it all, So just to add;

7 means MD7 and 5 means MD5

There are so many sites/programs out there which will decrypt an MD7 password in seconds.

Cheers,
Rajesh
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question