user password vs. user secret

Unanswered Question
Mar 19th, 2008
User Badges:

Most IOS configs (mine included!) seem to use passwords instead of secrets for local users.


If password is weak, reversible encryption, and secret is md5, is there a reason other than habit why people don't use the stronger one?


Just curious.


Paul

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
sundar.palaniappan Wed, 03/19/2008 - 11:13
User Badges:
  • Green, 3000 points or more

In most cases using MD5 password will probably be the better option. I can think of one scenario where use of non-MD5 password can be helpful.


Let's say security isn't a concern for a router, which sits behind a firewall on the trusted side of the network. The router configuration is backed up periodically. If the network admin forgot the password then he could pull the backed up configuration and retrieve the password. Instead, if MD5 password was used performing password recovery on the router would be the only option.


There can be other reasons why use of non-MD5 password might be a better option. But, under normal circumstances MD5 will give you the extra security to protect password from being decoded.


HTH


Sundar

Actions

This Discussion