The Enable Password

The enable password secures the privileged mode, which is required for all commands that change the router's configuration. Configuring the enable password therefore keeps people with general access to your router from changing the router's configuration. It takes only one person with enough knowledge to be dangerous to take down your whole network, so securing the privileged (enable) mode is always the right thing to do.

To set the password, use the enable password command:

Router(config)#enable password not2secure

The password is now set to not2secure. Once the password is set, the router prompts you for the password before it enters privileged mode.

By default, passwords are stored in clear text, which means that anybody who can find your router configuration file or watch you list the configuration on the console can see the enable password. The command service password-encryption (with no arguments) configures the router to store the password in an encrypted form.

Chapter 15 discusses better ways to manage passwords and authentication.