• Password configuration is an in-built feature of Cisco devices.
  • Each Cisco device uses a password to authenticate users for accessing the device and also provides security to the Cisco devices.

There are five types of the password which are used to secure Cisco routers:

  • Enable Password
  • Enable Secret
  • Auxiliary Password
  • Console Password
  • Telnet Password

Enable Password

Enable password allows security on a Cisco router when a user moves from User Exec Mode to Privileged Exec Mode.

You can set enable password in global configuration mode by using the command“enable password”:


The above command creates the enable password.

  • In case, if you entered an incorrect password three times, it will show the error “% Bad secrets.”
configure-password 1
  • If you entered the correct password, it directly enters in the Privileged Exec Mode.
configure-password 2
  • If you forget the password, use “show running-config” command to view the password.
configure-password 3

Enable Secret Password

Enable secret password is quite similar to the Enable password. The main difference between Enable and Enable secret is the encryption. Enable password stored in a plain text format and is not encrypted. While in Enable secret password, a password is in encrypted form. Means Enable Secret Password is more secure as compare to Enable password.

configure-password 4

To see your encrypted password, use “show running-config” command.

configure-password 5

Auxiliary Password

Auxiliary Password is configured into the “Global Configuration Mode” by typing the command “line aux ?”

configure-password 6

You can see <0-0> because there is only one port.

configure-password 7

Console Password

Console password is used on a network when multiple users have to access the router. It prevents an unauthorized user from accessing the router.

To set the console password, use “line console 0” command. We choose 0 because there is only one console port.

configure-password 8

Telnet Password

To configure Telnet password into the router or switch, first, move into the line configuration mode and use line vty0 4 command. Here ‘0 4’ means we are configuring the router for 0 to 4, i.e., total of 5 users can take router’s telnet at the same time.

configure-password 9

There are three sub-portions of telnet which should be configured on to the router before you can access it through-

  1. An interface IP
  2. Enable or Enable secret
  3. Vtyconfig

Let’s verify to take telnet of a router

Our topology is:

configure-password 10

First assign the IP address to router, PC, and server so that they can communicate with each other.

configure-password 11

To verify the reachability to the router, we use ping command as below example:

Since we are able to ping, now try to take telnet to router from ping.

configure-password 12

Important Note:

Note 1: To provide the IP address to the device (PC or Server), first click on the device then click on IP configuration and provide IP address manually to the device.

Note 2: For ping, click on the device then go to command prompt and first type ping and then the IP address of the device that you want to access.

Pin It on Pinterest

Share This