How to recover or break the Cisco Router password

In below article I described  how to recover or break the enable password and the enable secret password. These passwords protect access to privileged EXEC and configuration modes. The enable password  can be recovered, but the enable secret password is encrypted and must be replaced with a new password. Use the procedure described in this document in order to replace the enable secret password.

To recover or break the forgotten old password on Cisco Router or Switch we should bypass the original configuration when Router boots up and we have to enter the privileged mode without password. Then we load original configuration into RAM from NVRAM, configure a new password and save things back to the NVRAM with original boot sequence.

The following configuration procedure is applicable for any Cisco router, such as 800, 2600, 3600, 1800, 2800, 3800 etc.

1. Cisco Router Password Recovery Procedure :

1. Connect the Cisco Router with a console cable and open your terminal emulation software with default terminal settings (9600 baud, no parity, 8 data bits, 1 stop bit, no flow control). After that, you will get the terminal window.

Use these terminal settings:
* 9600 baud rate
* No parity
* 8 data bits
* 1 stop bit
* No flow control

2. You have to power OFF the Router and get ready on your keyboard. Now turn ON power switch and immediately press the Ctrl+Break keys on your keyboard several times until the router goes into ROM Monitor mode. You will get rommon 1> prompt on terminal window.

rommon 1>

3. Now you need to change the value of configuration register of your router. It controls the how the Cisco router boots up. The normal value of this Configuration register is 0x2102. We have to change it to 0x2142. Now Router bypasses the startup-configuration (where the configuration with password is stored) and boot with the factory default configuration.

Use following commands:

rommon 1> confreg 0x2142
rommon 2> reset

Note : The ROM monitor uses the rommon x > command prompt. The x variable begins at 1 and increments each time you press Return or Enter in ROM monitor mode.

The reset command will reboot the device.

4. After the router reboots, it will ignore the startup configuration and will behave like the brand new Router like very first time that you switched on the device. It will therefore run the initial setup script. Type no or press Ctrl-C to terminate the initial setup procedure.

5. Now you will get the Router> prompt. Type enable command to get into privilege mode.

Router> enable

6. Now you need to copy the Startup-Config into the Running-Config by using below command.

Router# copy startup-config running-config

7. Now we are ready to change old passwords. Change the enable password as like below.

Cisco-Router#config t
Cisco-Router(config)# enable secret newpassword

8. Another important step now is to change the configuration register back to its normal value which is 0x2102

Cisco-Router(config)#config-register 0x2102

9. Now save the configuration and reboot.

Cisco-Router# write
Cisco-Router# reload

10. After the router boots up, log on with your new password and enable all interfaces using no shutdown because during the recovery procedure the interfaces get shut down.

2. Cisco Router Password Recovery Procedure :

Complete these steps in order to recover your password:

1. Shut down the Cisco Router,  remove the compact flash that is at the back of the Router and Power on the Router.

2. Once the Router Powered ON,  Rommon1> prompt will appears, enter below command in Rommon Mode:

rommon1>confreg 0x2142

3. Insert the compact flash and Type reset.


4. When you are prompted to enter the initial configuration, type No, and press Enter.


5. At the Router> prompt, type enable.

6. At the Router# prompt, enter the configure memory command, and press Enter in order to copy the startup configuration to the running configuration.

7. Use the config t command in order to enter global configuration mode.

8. Use this command in order to create a new user name and password:

Router(config)#username cisco privilege 15 password cisco

9. Use this command in order to change the boot statement:

Router(config)config-register 0x2102

10. Use this command in order to save the configuration:

Router#write memory

11. Reload the router, and then use the new user name and password to log in to the router.

Filed Under: Password Recovery


About the Author:

RSSComments (0)

Trackback URL

Leave a Reply

If you want a picture to show with your comment, go get a Gravatar.