user password vs. user secret

Unanswered Question
Mar 19th, 2008

Most IOS configs (mine included!) seem to use passwords instead of secrets for local users.

If password is weak, reversible encryption, and secret is md5, is there a reason other than habit why people don't use the stronger one?

Just curious.

Paul

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
sundar.palaniappan Wed, 03/19/2008 - 11:13

In most cases using MD5 password will probably be the better option. I can think of one scenario where use of non-MD5 password can be helpful.

Let's say security isn't a concern for a router, which sits behind a firewall on the trusted side of the network. The router configuration is backed up periodically. If the network admin forgot the password then he could pull the backed up configuration and retrieve the password. Instead, if MD5 password was used performing password recovery on the router would be the only option.

There can be other reasons why use of non-MD5 password might be a better option. But, under normal circumstances MD5 will give you the extra security to protect password from being decoded.

HTH

Sundar

Actions

This Discussion