How to Recover Password on Cisco IOS Router?

For people who are doing some labs forgot the password they set for enable mode…perhaps someone was working on the router before and the following one has no idea what the password he picked. Maybe you or he needs to reset the password of a router you didn’t configure, and so on…

Whatever the reason, how to reset the password of your Cisco router? Let’s share some examples about this topic. This only applies to routers, if you need to reset the password for a switch then you need another tutorial. So here we will share a tutorial of Cisco IOS Router Password Recovery from

Let’s take a look:




% Bad secrets

To fix this problem you need to connect your router to the console port, you can’t do this remotely through telnet or SSH.


Reboot the router (just hit the power switch) and send the BREAK signal. This tells the router to ignore loading the IOS (Cisco’s Operating System). If you are using Windows and Putty you can probably use the CTRL-BREAK combination to send a break signal. If this doesn’t work you can try some of the other methods that are described here.

When the router accepts your BREAK it will head into ROMMON mode. ROMMON is like a mini operating system that helps to initialize the hardware and boots the Cisco IOS. Here’s what it looks like:

Readonly ROMMON initialized

rommon 1 >


This tells us that we are in ROMMON mode. We can only configure a couple of items here, one of the things we can do is tell the router to ignore its startup-configuration when booting the IOS image. This is exactly what we want because it means it will also not load the password that we configured (and forgot). Here’s how to do it:

rommon 1 > confreg 0x2142

You must reset or power cycle for new config to take effect


We set the configuration-register to 0×2142 with the confreg command. This tells the router to ignore the startup-configuration when booting. The router is nice enough to tell us we should reboot so let’s follow its advice:

rommon 2 > reset

c2811 platform with 786432 Kbytes of main memory

Main memory is configured to 64 bit mode with ECC enabled


Readonly ROMMON initialized

program load complete, entry point: 0x8000f000, size: 0xcb80

program load complete, entry point: 0x8000f000, size: 0xcb80

program load complete, entry point: 0x8000f000, size: 0x38bbd64

Self decompressing the image : #######################


The router will boot and load its IOS image; once it’s ready you will see the following wizard:

     — System Configuration Dialog —

Would you like to enter the initial configuration dialog? [yes/no]: no


Because the router is not loading its startup-configuration it will show you the wizard that is shown when there is no configuration. Just type no and you will end up at the command-line. We will now go to enable mode:




We now have full access to the router and it didn’t prompt for a password. We will now copy the startup-configuration to the running-configuration ourselves. By doing this your configuration will be active but we will still be in privileged mode which allows us to change the password:

Router#copy startup-config running-config

Destination filename [running-config]?

1831 bytes copied in 1.012 secs (1809 bytes/sec)


Your configuration is now active; let’s see what the password that we forgot about looks like:

Router#show run | include enable

enable secret 5 $1$aAHw$ZUJuS7oxPrVfap1ev8YaU.


This router has an “enable secret” which is a hash of our password. There’s no way to tell what the original password was but I change it to something else. If you used the “enable password” command you will be able to retrieve it because it’s clear-text. However saving clear-text passwords in your configuration is not a good idea. To change the password we need to go to configuration mode first:

Router#configure terminal

Enter configuration commands, one per line.  End with CNTL/Z.


Now we can set a new password. We’ll call mine “mypassword”. Also we should not forget to set the configuration-register to the default value. If you forget this the router will ignore the startup-configuration again next time you boot:

Router(config)#enable secret mypassword

Router(config)#config-register 0x2102


Now you can exit the configuration mode:




Don’t forget to save your configuration:

Router#copy running-config startup-config

Destination filename [startup-config]?

Building configuration…

Finished. You successfully changed the password of your Cisco IOS router. Hopefully it’s useful for you.

Reference from


More Related

How to Reset a Cisco Router Back to Factory Defaults?

How to Configure SNMP on Cisco IOS-based Router/Switch?

How to Configure OSPF on Cisco Routers?

How to Configure Cisco Routers as Frame Relay Switch (FRS)?

Share This Post

Post Comment