Most of us know that the type 7 password that is used on Cisco routers/switches isn’t very secure. Just do a google search for “cisco type 7 decrypt,” and you will find plenty of websites that decrypt it for you.
What most of us don’t realize is that you don’t need any external tools…your router can also decrypt it for you.
Here’s how to do it:
R1(config)#username RENE password MYPASSWORD R1(config)#service password-encryption
First, I will configure a username with a password and enable password encryption. Let’s see what it looks like in the running config:
R1#show run | include username username RENE password 7 080C757E282A36203D3928
To decrypt this string, we need to use a key chain:
R1(config)#key chain DECRYPT R1(config-keychain)#key 1 R1(config-keychain-key)#key-string ? 0 Specifies an UNENCRYPTED password will follow 7 Specifies a HIDDEN password will follow LINE The UNENCRYPTED (cleartext) user password
We’ll use “7” and paste the password string here:
R1(config-keychain-key)#key-string 7 080C757E282A36203D3928
Now take a look at the key chain that we just configured: