ROM Monitor (ROMmon) security is designed to prevent a person with physical access to the router from viewing the configuration file. ROMmon security disables access to the ROMmon so that a person cannot set the configuration register to ignore the startup configuration. ROMmon security is enabled when the router is configured with the no service password-recovery command.
Note: Because password recovery using ROMmon security involves destroying the configuration, it is recommended that you save the router configuration somewhere off the router, such as on a TFTP server.
If a router is configured with the no service password-recovery command, this disables all access to the ROMmon. If there is no valid Cisco IOS Software image in the Flash memory of the router, the user will not be able to use the ROMmon XMODEM command to load a new Flash image. To fix the router, you must get a new Cisco IOS Software image on a Flash SIMM or on a Personal Computer Memory Card Industry Association (PCMCIA) card (for example, on the 3600 series routers).
In order to minimize this risk, a ROMmon security user should also use dual Flash bank memory and put a backup Cisco IOS Software image in a separate partition.
For more information on the no service password-recovery command, refer to "No service password-recovery" command for Secure ROMMON Configuration Example.