Options

What's Type 5 and what's Type 7

workfrom925workfrom925 Member Posts: 196
in CCNA & CCENT
From Cisco NetAcademy: "Cisco recommends that Type 5 encryption be used instead of Type 7 whenever possible. MD5 encryption is a strong encryption method. It should be used whenever possible. It is configured by replacing the keyword password with secret."

Is it saying the command "enable secret XXXX" uses type 5 encryption? It says "it should be used whenever possible". Does it mean Type 5 is the strongest encryption?
· Share on FacebookShare on Twitter

Comments

  • Options
    Vask3nVask3n Member Posts: 517
    The Type 7 is actually not a hash but a reversable weak encryption whose purpose is to prevent against shoulder-surfing or realizing what the password is just by looking at the config- however, it can easily be reversed using a number of methods including online sites. Type 5 refers to a hashed password, which is irreversible.
    Working on MS-ISA at Western Governor's University
    · Share on FacebookShare on Twitter
  • Options
    Carpe PorcusCarpe Porcus Member Posts: 84 ■■□□□□□□□□
    Level 7 uses a cypher which scrambles the password so the text displayed is different from that you typed, illustrated when you issue the show running-config command:

    password 7 03075218050061

    This is a first line defense against someone who has physical access and is easily broken if you care to Google the correct phrase you'll get sites that will reveal the password.

    However, level 5 is slightly different:

    enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0

    Is uses MD5 encryption and to my knowledge this hasn't yet been cracked.

    The easiest way to remember is that MD5 displays 5 before the password and should always be used instead of level 7.
    “I'm always admitting I'm wrong. That's how I eventually get to right.”
    · Share on FacebookShare on Twitter
Sign In or Register to comment.