enable secret password provides encryption automatically using MD5 hash algorithm. The enable password password does not encrypt the password and can be view in clear text in the running-config. In order to encrypt the enable password password , use the service password-encryption command. To be clear, the enable secret password command provides stronger encryption than the service password-encryption command.
Example of enable password vs enable secret;
Switch(config)#enable secret cisco123
Switch(config)#do sh run | in enable
enable secret 5 $1$WMOj$nNNoJr4ybae7mHiCBA3dT1
Switch(config)#enable password cisco456
Switch(config)#do sh run | in enable
enable secret 5 $1$WMOj$nNNoJr4ybae7mHiCBA3dT1
enable password cisco456
Switch(config)#service password-encryption
Switch(config)#do sh run | in enable
enable secret 5 $1$WMOj$nNNoJr4ybae7mHiCBA3dT1
enable password 7 121A0C04110458517C
Switch(config)#username test privilege 15 secret test
Switch(config)#do sh run | in username
username test privilege 15 secret 5 $1$/x1j$ZlezpapESt7tMio2c5jpE.
Switch(config)#username test2 privilege 15 password test2
Switch(config)#do sh run | in username
username test privilege 15 secret 5 $1$/x1j$ZlezpapESt7tMio2c5jpE.
username test2 privilege 15 password 7 001016151009
No comments:
Post a Comment