Changing The Password - Cisco Catalyst 2950 Software Manual

Changing the Password

•
Switches 2 through 4 retrieve their configuration files and IP addresses in the same way.
Changing the Password
You can assign the password of your switch in these ways:
•
•
Note You can change a password only by using the CLI. Your connection with the switch ends when you
change the enable secret password. You will then need to reopen the session with the new password. If
you have forgotten your password, see the
page
Because many privileged EXEC commands are used to set operating parameters, you should
password-protect these commands to prevent unauthorized use. Catalyst 2950 switches have two
commands for setting passwords:
•
•
You must enter one of these passwords to gain access to privileged EXEC mode. We recommend that
you use the enable secret password.
Note When set, the enable secret password takes precedence, and the enable password serves no purpose.
If you enter the enable secret command, the text is encrypted before it is written to the config.text file,
and it is unreadable. If you enter the enable password command, the text is written as entered to the
config.text file where you can read it.
You can also specify up to 15 privilege levels and define passwords for them by using the enable
password [level level] {password} or the enable secret [level level] {password} command. Level 1 is
EXEC-mode user privileges. If you do not specify a level, the privilege level defaults to 15 (privileged
EXEC-mode privileges).
You can specify a level, set a password, and give the password only to users who need to have access at
this level. Use the privilege level global configuration command to specify commands accessible at
various levels.
Note You need an enable secret password with a privilege level 15 to access CMS. You must also use this
password if you configure the Terminal Access Controller Access Control System Plus (TACACS+)
protocol from the CLI so that all your HTTP connections are authenticated through the TACACS+ server.
The Telnet password must be an enable secret password.
For information about managing passwords in switch clusters, see the
Catalyst 2950 Desktop Switch Software Configuration Guide
6-10
It reads the configuration file that corresponds to its host name; for example, it reads switch1-confg
from the TFTP server.
Using the setup program, as described in the release notes
Manually assigning a password, as described in this section
14-9.
enable secret password (a very secure, encrypted password)
enable password password (a less secure, unencrypted password)
"Recovering from a Lost or Forgotten Password" section on
Chapter 6 Configuring the System
"Passwords" section on page
78-11380-03
5-14.