Cisco Router Password Recovery

Cisco Router Password Recovery

This article explains how to recover Cisco router password. Free step by step tutorial to explain how to recover Cisco router password.

Consider this is your normal topology and everything works fine here.

Now if you forget you Router password, you need to add a new Admin device, i.e. a computer with console access to your router.  See the picture blow with the admin PC connected to Router using console access.

Once we have connected the Admin PC to the Router using console cable, we will need an application like Hyper Terminal, Putty, and Secure CRT etc to access/manage the router.

If we follow the lab scenario that we have as in Packet Tracer simulation tool from Cisco, Click on the Admin PC and go to Desktop Tab and click on Terminal.

The Terminal configuration window opens and the Terminal Configuration Window, where you can configure the Bits Per Second, Flow Control etc. Similar setting will be on all software’s. (Putty, SecureCRT, Hyper Terminal etc.)

Once you click on OK, you get the console access. You are in the router now.

Now, before we proceed further, we need to have a password on the router and then forget itJ, and then try to recover it.

Let’s configure the router with a password.

We have set the password as ‘ciscociscocisco’ assume you forget the password.

We can see the encrypted password in the show running configuration (show run)

Now we will copy the running configuration to the startup config, as we recently made some configuration for password so that will be saved to the startup config. You can either use the complete command as shown in the screenshot or just use ‘copy run start’

Hit Enter when it asks Destination file name, we will keep the file name default itself i.e. startup-config

Some important things to know:

1. Password is stored in a file named ‘startup-config’
2. This startup-config file sis stored in the NVRAM ( Non Volatile – RAM)
3. If you see the config using ‘show version’, you observer that the default configuration register value is 0x2102. When this value for config register is set to the NVRAM , when the router boots it will look for the startup-config file which is in the  NVRAM
4. In case we need to recover the password, then we need to change the configuration register value to 0x2142. With this configured, the router would ignore or bypass the startup-config file in NVRAM and enters to Setup Mode
5. Whenever we make changes to the router’s configuration register settings, we must manually reload the router.
6. While recovering the password, PC must connect to the router using console 

Now before we dive into the password recovery, take a look at the output of the ‘show version’ command.

It shows us the image file used, which is the router IOS, the router version, Processor ID etc. and most importantly it shows the Configuration Register, which is 0x2102

This configuration register is important because it is this config that tell the router, to get the information form the start-up config whenever it reboots and put it in NVRAM

Now if you logout of the router and try to reconnect and go to enable mode, you are being prompted for a password (We configured the password in earlier steps).

And we have FORGOTTEN THE PASSWORDL, we are unable to proceed further.

Now you need the password recovery process to be performed.

1. We need to bump the router (Power off and Power on) again.

As an example in this demonstration, on packet tracer we can go to Physical Tab and see the Router Back Panel, you see the power button.

2. Monitor the console screen, and we need to press the ‘BREAK” Key or may be Ctrl+ Break on the keyboard which is usually on the top right side above the NUM Lock.

3. The console screen looks like the below:

4. Immediately after Power Off and Power On, you see the ‘self-decompressing the image’ and ########## characters showing progress.

Press the Ctrl + Break Key on the Console PC, as soon as possible (within 60 seconds) and you will go to the ROMMON Mode. (ROM Monitor mode has a Sub IOS which is on the Boot ROM.

5. Press question mark ‘?’ to see list of command that be  used in the ROMMON Mode

6. We need to use the confreg command “confreg 0x2142” (used to skip or bypass the startup config). The Reset is a system reset command.

7. This bypasses the NVRAM and the routers starts showing the System configuration Dialog. We type No, and we have the router prompt

You must have noticed the hostname of the router is not Router_A, but only Router.

8. Do a ‘show run’ we see that no password related configuration is seen.

9. Now we copy the startup-config, the stored config to the running config.

Notice the prompt changed to our old configuration (Router_A). Since the previously stored config is loaded back to the running config.

10. We should also be able to see the encrypted password in show run. But we don’t remember the clear-text password.

11. Since we are in the enable prompt, it is absolutely fine if we don’t remember the password. We can create a new password now. We use the ‘enable secret’ command and change the password to ‘cisco’

12. Check the interfaces of your router and if being shutdown, can start them using the ‘no shutdown’ command

13. Now one very important thing to REMEMBER. Type ‘show version’ and see, the configuration register show value 0x2142, which means bypass the config file and load the router. Means the recent config that we did ( created new password: cisco) will not take effect as every time the Router reloads, it will bypass the config and boot up.

14. Go to config mode and enter command to change the config register

15. So we need to move the running config to startup config, using command “ copy run start’

16. Now if we reload the router, i.e. reboot it, we should be able to enter the router enable mode using the password we just configured. ‘cisco’

17. We get the prompt to login and entering the password ‘cisco’ we get to the enable prompt.

18. Type ‘show version’ and check the config register it is back to 0x2102

19. You have successfully recovered the password for your CISCO Router.

Read more

• What is IOS
• Router Memory
• Router Startup
• Understanding of Router Prompts
• Help Features of Router
• How to Configure Hostname, Clock and set banner on Cisco Router
• Configuring Fast Ethernet and Serial Interfaces on Cisco Router
• How to save router configurations
• How to set passwords on Cisco router
• How to Backup Cisco Router IOS
• Router IOS Commands and Basic Router Configuration
• Access Lists

    Free Cisco CCNA Study Guide