Chapter 7 Replacing Or Recovering Passwords; Password Recovery Procedure Overview - Cisco 10000 Series Troubleshooting Manual

Replacing or Recovering Passwords
This chapter describes how to recover a lost enable or console login password, and how to replace a lost
enable secret password on the Cisco 10000 series router.
It is possible to recover the enable or console login password. The enable secret password is encrypted,
Note
however, and must be replaced with a new enable secret password.

Password Recovery Procedure Overview

Following is an overview of the steps in the password recovery procedure:
•
•
•
Note
•
•
•
•
•
Note
OL-0439-02
If you can log in to the router, enter the show version command to determine the existing
configuration register value.
Press the Break key to go to the bootstrap program prompt (ROM monitor). You might need to
reload the system image by power-cycling the router.
Change the configuration register so that the following functions are enabled:
Break
–
– Ignore startup configuration
Boot from Flash memory
–
The key to recovering a lost password is to set the configuration register bit 6 (0x2142) so that
the startup configuration (usually in NVRAM) is ignored. This allows you to log in without
using a password and to display the startup configuration password.
Power cycle the router by typing reload at the
Log in to the router and enter the privileged EXEC mode.
Enter the show startup-config command to display the passwords.
Recover or replace the displayed passwords.
Change the configuration register back to its original setting.
To recover a lost password if the break function is disabled on the router, you must have physical
access to the router.
C H A P T E R
prompt.
rommon>
Cisco 10000 Series Router Troubleshooting Guide
7
7-1