The Enable Password

The enable password secures the privileged mode, which is required for all commands that change the router’s configuration. Configuring the enable password therefore keeps people with general access to your router from changing the router’s configuration. It takes only one person with enough knowledge to be dangerous to take down your whole network, so securing the privileged (enable) mode is always the right thing to do.

To set the password, use the enable password command:

Router(config)#enable password not2secure

The password is now set to “not2secure”. Once the password is set, the router will prompt you for the password before it enters privileged mode.

By default, passwords are stored in clear text, which means that anybody who can find your router configuration file or watch you list the configuration on the console can see the enable password. The command service password-encryption (with no arguments) configures the router to store the password in an encrypted form.

Chapter 13 discusses better ways to manage passwords and authentication.

Get CISCO IOS in a Nutshell now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.