Secure character length for a pre-shared key

Unanswered Question
Dec 7th, 2007
User Badges:

Hey folks,

We're implementing a router-to-router IPSEC VPN using pre-shared keys. How many characters would you use in order to fell as though you have a "strong" pre-shared key?

Also, while testing this in the lab, I noticed that although I have "service password-encryption" enabled, the pre-shared keys show up in plaintext next to my "crypto isakmp key" commands. Any way to hide it?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.3 (3 ratings)
ccbootcamp Fri, 12/07/2007 - 08:36
User Badges:
  • Gold, 750 points or more

I like to use a minimum of 12 char. mixing it up between upper case, lower case, numeric, and symbols. Just my rule of thumb.

No way to hide the key, sorry. Just use some crazy, long key that makes no sense. Heck, but the word ENCRYPTED before or after it as well and you'll really confuse someone!!! :)


(please rate the post if this helps!)


This Discussion