How to recovery password of Cisco Router

Router Password Recovery Procedure

To recover a router password, do the following:

Prepare the Device

Step 1. Connect to the console port.

Step 2. If you have lost the enable password, you would still have access to user EXEC mode. Type show version at the prompt, and record the configuration register setting.

R>#show version
<show command output omitted>
Configuration register is 0x2102
R1>

The configuration register is usually set to 0x2102 or 0x102. If you can no longer access the router (because of a lost login or TACACS password), you can safely assume that your configuration register is set to 0x2102.

Step 3. Use the power switch to turn off the router, and then turn the router back on.

Step 4. Press Break on the terminal keyboard within 60 seconds of power up to put the router into ROMmon.

Step 5. Type confreg 0x2142 at the rommon 1> prompt. This causes the router to bypass the startup configuration where the forgotten enable password is stored.

Step 6. Type reset at the rommon 2> prompt. The router reboots, but ignores the saved configuration.

Step 7. Type no after each setup question, or press Ctrl-C to skip the initial setup procedure.

Step 8. Type enable at the Router> prompt. This puts you into enable mode, and you should be able to see the Router# prompt.

Step 9. Type copy startup-config running-config to copy the NVRAM into memory. Be careful! Do not type copy running-config startup-config or you will erase your startup configuration.

Step 10. Type show running-config. In this configuration, the shutdown command appears under all interfaces because all the interfaces are currently shut down. Most importantly though, you can now see the passwords (enable password, enable secret, vty, console passwords) either in encrypted or unencrypted format. You can reuse unencrypted passwords. You must change encrypted passwords to a new password.

Step 11. Type configure terminal. The hostname(config)# prompt appears.

Step 12. Type enable secretpassword to change the enable secret password. For example:

R1(config)# enable secret cisco

Step 13. Issue the no shutdown command on every interface that you want to use. You can issue a show ip interface brief command to confirm that your interface configuration is correct. Every interface that you want to use should display up up.

Step 14. Type config-registerconfiguration_register_setting. The configuration_register_setting is either the value you recorded in Step 2 or 0x2102 . For example:

R1(config)#config-register 0x2102

Step 15. Press Ctrl-Z or type end to leave configuration mode. The hostname# prompt appears.

Step 16. Type copy running-config startup-config to commit the changes.