Cisco Cisco IOS Software Release 12.0(18)S
1
Cisco IOS Release 12.0(18)S
Enhanced Password Security - Phase I
Feature History
This document describes the Enhanced Password Security feature in Cisco IOS Release 12.0(18)S. It
includes the following sections:
includes the following sections:
•
•
•
•
•
•
•
•
Feature Overview
Using the Enhanced Password Security feature, you can configure MD5 encryption for username
passwords. Before the introduction of this feature there were two types of passwords associated with
usernames. Type 0 is a clear text password visible to any user who has access to privileged mode on the
router. Type 7 is a password with a weak, exclusive-or type encryption. Type 7 passwords can be
retrieved from the encrypted text by using publicly available tools.
passwords. Before the introduction of this feature there were two types of passwords associated with
usernames. Type 0 is a clear text password visible to any user who has access to privileged mode on the
router. Type 7 is a password with a weak, exclusive-or type encryption. Type 7 passwords can be
retrieved from the encrypted text by using publicly available tools.
MD5 encryption is a one-way hash function that makes reversal of an encrypted password impossible,
providing strong encryption protection. Using MD5 encryption, you cannot retrieve clear text
passwords. MD5 encrypted passwords cannot be used with protocols that require that the clear text
password be retrievable, such as Challenge Handshake Authentication Protocol (CHAP).
providing strong encryption protection. Using MD5 encryption, you cannot retrieve clear text
passwords. MD5 encrypted passwords cannot be used with protocols that require that the clear text
password be retrievable, such as Challenge Handshake Authentication Protocol (CHAP).
Use the username (secret) command to configure a user name and an associated MD5 encrypted secret.
Benefits
Enhanced Password Security provides a strong method of encryption for user passwords.
12.0(18)S
This feature was introduced.