Can you change it via the console or using SSH? Might be something weird with your telnet session.
Also this is from the ACS authentication FAQ:
Q. When I turn on enable authentication in the switch or router with commands such as aaa authentication enable default tacacs+ or set authentication login tacacs enable telnet primary, I am locked out of enable mode and receive the Error in authentication error message on the router. What do I need to do?
A. Check the failed attempts log in the ACS. If the log says CS password invalid, it can be that there has not been a special enable password set up for the user. This is required when you configure enable authentication. If you do not see Advanced TACACS+ Settings in the user options, select Interface Configuration > Advanced Configuration Options > Advanced TACACS+ Features and select that option in order to get the TACACS+ settings to appear in the user settings. Then select Max privilege for any AAA Client (this is usually 15) and enter the TACACS+ Enable Password that you want the user to have for enable.
Q. How do I determine what the 'Authen failed' message type means?
A. Note the date and time of the message, go to the CSAuth log file, and search on the date and time. A more detailed explanation of the message is then presented.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...