Configuring the Enable and Enable Secret Passwords
To provide an additional layer of security, particularly for passwords that cross the network or are stored on
a TFTP server, you can use either the enable password command or enable secret command. Both commands
accomplish the same thing—they allow you to establish an encrypted password that users must enter to access
privileged EXEC (enable) mode.
We recommend that you use the enable secret command because it uses an improved encryption algorithm.
If you configure the enable secret command, it takes precedence over the enable password command;
the two commands cannot be in effect simultaneously.
Note
For more information, see the “Configuring Passwords and Privileges” chapter in the Cisco IOS Security
Configuration Guide. Also see the Cisco IOS Password Encryption Facts tech note and the Cisco Guide to
Harden Cisco IOS Devices tech note.
Procedure
PurposeCommand or Action
Enables privileged EXEC mode.enable
Step 1
Example:
Router> enable
Enter your password if
prompted.
Note
Enters global configuration mode.configure terminal
Example:
Router# configure terminal
Step 2
Specifies an additional layer of security over the
enable password command.
enable secret password
Example:
Router(config)# enable secret
greentree
Step 3
Returns to privileged EXEC mode.end
Example:
Router(config)# end
Step 4
Enables privileged EXEC mode.enable
Step 5
Example:
Router> enable
Verify that your new enable or enable secret
password works.
(Optional) Returns to privileged EXEC mode.end
Example:
Router(config)# end
Step 6
Cisco ASR 1001-HX Router and Cisco ASR 1002-HX Router Hardware Installation Guide
80
Power Up and Initial Configuration
Using the Cisco IOS-XE CLI—Manual Configuration
To Next Page
Loading...
Need help?
General
