Enable secret / service password-encryption
xkaijinx
Member Posts: 90 ■■□□□□□□□□
in CCNA & CCENT
I know the difference between the two. I am having issues in identifying if either one was used on a Cisco switch/router after you run the "show run" command.
Enable secret uses MD5 hash, service password-encryption uses Vigenere cipher yes.
When I use both on a switch to see the difference I see the number "5" next to the hash for the password.
is it correct to assume that any password that has a 5 next to the hash is a "enable secret" and anything else that is hashed without a number is from "service password-encryption"
This is for the CCENT.
Thanks
Enable secret uses MD5 hash, service password-encryption uses Vigenere cipher yes.
When I use both on a switch to see the difference I see the number "5" next to the hash for the password.
is it correct to assume that any password that has a 5 next to the hash is a "enable secret" and anything else that is hashed without a number is from "service password-encryption"
This is for the CCENT.
Thanks
Comments
-
MichaelPeterman
Member Posts: 19 ■□□□□□□□□□
The other passwords (not the Enable secret) should have a 7 before them
the MD5 is hashed and difficult (if not impossible to reverse) were as the service password encryption is encrypted and can be reversed back to its actual password, quiet easily actually -
xkaijinx
Member Posts: 90 ■■□□□□□□□□
That is what I thought regarding having a 7 before them, however in a test lab I did the 'service password-encryption' password did not show anything before it. Only the secret password had a 5.
-
Codyy
Member Posts: 223 ■■■□□□□□□□
I believe you are correct, only secrets have a 5. I'm doing a sim now in packet tracer and a show run showed a 5 before the secret.