The Enable Password
The enable password secures the privileged mode, which is required for all commands that change the router’s configuration. Configuring the enable password therefore keeps people with general access to your router from changing the router’s configuration. It takes only one person with enough knowledge to be dangerous to take down your whole network, so securing the privileged (enable) mode is always the right thing to do.
To set the password, use the enable password
command:
Router(config)#enable password not2secure
The password is now set to “not2secure”. Once the password is set, the router will prompt you for the password before it enters privileged mode.
By default, passwords are stored in clear text, which means that
anybody who can find your router configuration file or watch you list
the configuration on the console can see the enable password. The
command service
password-encryption
(with no arguments) configures
the router to store the password in an encrypted form.
Chapter 13 discusses better ways to manage passwords and authentication.
Get CISCO IOS in a Nutshell now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.