Enable Secret Password Recovery Procedures
- Attach a PC to the console port of the router. Password recovery cannot be done remotely.
- Type a show version at the console prompt. You only have to be in User mode to run the show version command. Make a note of the configuration register number. It will almost always be 0x2102, but might be 0x102. If you cannot do a show version use 0x2102 or check a similar router for it’s configuration register.
- Once you have this information follow these steps:
Basic Steps
• Power reset the router.
• Go into ROMMON mode for password recovery.
• Set the configuration register to boot the router without loading the configuration file.
• Reboot the router.
• Copy the startup-configuration into memory.
• Go into Global Configuration mode and change the password.
• Reset the configuration register to boot the router using the startup configuration file.
• Save the configuration back to NVRAM.
• Reboot the router.
Step 1 Power reset the Router.
Step 2 Within 60 seconds of the router reboot, press the Ctrl+Break keys. This puts the router in ROMMON mode.
Step 3 The router should boot to a router> prompt with no router name.
Step 4 Type o/r 0x42 at the router> prompt. This tells the router to boot from Flash Memory without loading the configuration file. If you want to boot from ROM instead, type o/r 0x41.
However, booting from ROM allows you to only view the encrypted password or erase the configuration. You cannot change the password.
Step 5 Type i at the router prompt. The router will now reboot, but ignore it’s saved configuration (which contains the forgotten password).
Step 6 When the router boots up it will ask you if you want to configure the router. Press Ctrl+C to break out of the startup configuration.
Step 7 Type enable at the router> prompt. This will put you in enable or Privileged mode and the prompt will look like this: router#
Step 8 Type copy startup-config running-config (or copy start run) to copy the startup configuration into memory. With the startup configuration in memory you can now change the enable secret password.
Step 9 At the router# prompt type config t to go into global configuration mode.
Step 10 At the router(config)# prompt type enable secret new_password where new_password is a new password.
Step 11 You now need to change your configuration register to tell the router to boot up with the startup configuration file. Type config-register 0x2102 and press enter. This tells the router to load the startup-config file in NVRAM when it boots up. (use the number you saved from the show version command)
Step 12 Press Ctrl+Z to leave global configuration mode.
Step 13 At the router# prompt type copy running-config startup-config (or copy run start). This will save your password change to NVRAM.
Step 14 Type reload and press enter to reboot the router.
Advert.