When we configure passwords like Privileged Mode password, VTY line password, Console line password, etc. on our Cisco devices, these passwords are visible as a clear text in the running config. This is a security vulnerability since anyone can view them just by looking at the running config or start up config. Even when you are checking the Cisco device configuration, someone could be watching over your shoulder. To fix this problem, we could use a command known as the ‘service password-encryption’. This command encrypts all passwords and converts them into the alphanumeric number. Hence, we can use this command to store and display the passwords in encrypted form for added security.
- Set encrypted privileged level password to cisco
- Encrypt all passwords
Router(config)#enable secret cisco
Router(config)#service password encryption