Configure Password
- Password configuration is an in-built feature of Cisco devices.
- Each Cisco device uses a password to authenticate users for accessing the device and also provides security to the Cisco devices.
There are five types of the password which are used to secure Cisco routers:
- Enable Password
- Enable Secret
- Auxiliary Password
- Console Password
- Telnet Password
Enable Password
Enable password allows security on a Cisco router when a user moves from User Exec Mode to Privileged Exec Mode.
You can set enable password in global configuration mode by using the command“enable password”:
The above command creates the enable password.
- In case, if you entered an incorrect password three times, it will show the error "% Bad secrets."
- If you entered the correct password, it directly enters in the Privileged Exec Mode.
- If you forget the password, use “show running-config” command to view the password.
Enable Secret Password
Enable secret password is quite similar to the Enable password. The main difference between Enable and Enable secret is the encryption. Enable password stored in a plain text format and is not encrypted. While in Enable secret password, a password is in encrypted form. Means Enable Secret Password is more secure as compare to Enable password.
To see your encrypted password, use “show running-config” command.
Auxiliary Password
Auxiliary Password is configured into the “Global Configuration Mode” by typing the command “line aux ?”
You can see <0-0> because there is only one port.
Console Password
Console password is used on a network when multiple users have to access the router. It prevents an unauthorized user from accessing the router.
To set the console password, use “line console 0” command. We choose 0 because there is only one console port.
Telnet Password
To configure Telnet password into the router or switch, first, move into the line configuration mode and use line vty0 4 command. Here ‘0 4’ means we are configuring the router for 0 to 4, i.e., total of 5 users can take router's telnet at the same time.
There are three sub-portions of telnet which should be configured on to the router before you can access it through-
- An interface IP
- Enable or Enable secret
- Vtyconfig
Let’s verify to take telnet of a router
Our topology is:
First assign the IP address to router, PC, and server so that they can communicate with each other.
To verify the reachability to the router, we use ping command as below example:
Since we are able to ping, now try to take telnet to router from ping.
Important Note:
Note 1: To provide the IP address to the device (PC or Server), first click on the device then click on IP configuration and provide IP address manually to the device.
Note 2: For ping, click on the device then go to command prompt and first type ping and then the IP address of the device that you want to access.