Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

service password-encryption

what does this command do?

Thanks

  • Other Network Infrastructure Subjects
1 ACCEPTED SOLUTION

Accepted Solutions
VIP Purple

Re: service password-encryption

Hello,

the process is not reversible. In your case, somebody has entered the command ´service password-encryption´, after which the passwords were encrypted. After that, ´no service password-encryption´ has been entered, but this affects only newly configured passwords, not existing ones. The existing ones will remain encrypted...

Does that make sense ?

Regards,

GP

4 REPLIES
VIP Purple

Re: service password-encryption

Hello,

let´s say you enter the following to your router configuration:

Router#conf t

Router(config)#username xxxx password xxxx

Router(config)#line vty 0 4

Router(config-line)#password xxxx

The configuration that would be visible to anybody with access to your router would be:

Router

!

username xxx password xxx

!

line vty 0 4

password xxxx

login

That means that anybody could see the passwords, which is a otential security risk. Now, after entering ´service password-encryption´, the configuration would look like this:

Router

!

username xxx password xxxxx

!

line vty 0 4

password xxx

login

As you can see, now the passwords are encrypted. Be aware though that these passwords are fairly easy to decrypt, there are numerous tools available on the Internet which let you decrypt them, such as this:

Cisco weak password decryption applet

http://users.skynet.be/glu/ciscopw.htm

HTH,

GP

New Member

Re: service password-encryption

Thanks for your reply. but please see the following "show run" output in my Cisco CatOS 3550 switch:

no service password-encryption

.

.

.

.

.

.

.

line con 0

line vty 0 4

password 7 0832455A0C4B50434v5D5F52

line vty 5 15

VIP Purple

Re: service password-encryption

Hello,

the process is not reversible. In your case, somebody has entered the command ´service password-encryption´, after which the passwords were encrypted. After that, ´no service password-encryption´ has been entered, but this affects only newly configured passwords, not existing ones. The existing ones will remain encrypted...

Does that make sense ?

Regards,

GP

New Member

Re: service password-encryption

Ok, thanks.

3501
Views
0
Helpful
4
Replies
This widget could not be displayed.