Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
enable secret vs enable password 1
- Thread starter ncolsgk
- Start date
Well, his reasoning is because he says it takes up CPU cycles, that it runs in the backround. That is his reasoning, and obviously there would not necessarily be a good reason to turn it off if this were not true. I do know that this encrypts passwords with a weak encryption, and it is easily cracked (I know I can crack it). The secret is always encrypted one way no matter what---if someone were to break into a router and see encrypted passwords, the fact that the person was able to bypass the secret password tells me that person could easily crack the passwords encrypted by "service password-encryption", and therefore it basically serves no purpose---if it does indeed take up CPU cycles, then turn it off.
Burt
Burt
jneiberger
Technical User
It also provides protection from people just leaving printed copies of the config lying around. 
If you leave it turned on, you can print your config and not worry that someone is going to peek at your passwords because you've left them in plaintext.
Granted, they could write them down and decrypt them, so I can see that perspective.
If you leave it turned on, you can print your config and not worry that someone is going to peek at your passwords because you've left them in plaintext.Granted, they could write them down and decrypt them, so I can see that perspective.
- Status