An enable password is defined as follows:
•Must contain from 1 to 25 uppercase and lowercase alphanumeric characters.
•Must not have a number as the first character.
•Can have leading spaces, but they are ignored. However, intermediate and trailing spaces are recognized.
•Can contain the question mark (?) character if you precede the question mark with the key combination Crtl-v when you create the password; for example, to create the password abc?123, do the following:
–Enter abc.
–Type Crtl-v.
–Enter ?123.
When the system prompts you to enter the enable password, you need not precede the question mark with the Ctrl-v; you can simply enter abc?123 at the password prompt.
Examples
The following example enables the password “pswd2” for privilege level 2:
enable password level 2 pswd2
The following example sets the encrypted password “$1$i5Rkls3LoyxzS8t9”, which has been copied from a router configuration file, for privilege level 2 using encryption type 7:
enable password level 2 5 $1$i5Rkls3LoyxzS8t9
Related Commands
|
Command |
Description |
| disable | Exits privileged EXEC mode and returns to user EXEC mode. |
| enable | Enters privileged EXEC mode. |
| enable secret | Specifies an additional layer of security over the enable password command. |
| privilege | Configures a new privilege level for users and associate commands with that privilege level. |
| service password-encryption | Encrypts passwords. |
| show privilege | Displays your current level of privilege. |
enable secret
To specify an additional layer of security over the enable password command, use the enable secret command in global configuration mode. To turn off the enable secret function, use the no form of this command.
enable secret [level level] {password | [encryption-type] encrypted-password}
no enable secret [level level]
Syntax Description
| level level | (Optional) Level for which the password applies. You can specify up to sixteen privilege levels, using numbers 0 through 15. Level 1 is normal EXEC-mode user privileges. If this argument is not specified in the command or in the no form of the command, the privilege level defaults to 15 (traditional enable privileges). The same holds true for the no form of the command. |
| password | Password for users to enter enable mode. This password should be different from the password created with the enable password command. |
| encryption-type | (Optional) Cisco-proprietary algorithm used to encrypt the password. Currently the only encryption type available for this command is 5. If you specify encryption-type, the next argument you supply must be an encrypted password (a password encrypted by a Cisco router). |
| encrypted-password | Encrypted password you enter, copied from another router configuratio |