Difference Between Enable and Enable Secret Password
Enable vs Enable Secret Password
On Cisco devices, there are a number of ways that you can protect resources with the use of passwords. Two common ways to achieve this is via the enable password command and enable secret password command. The main difference between enable and enable secret is encryption. With enable, the password that you give is stored in a plain text format and is not encrypted. With enable secret password, the password is actually encrypted with MD5. In the simplest sense, enable secret is the more secure way.
With Cisco, it is possible to view the stored passwords as they are a part of the configuration file. When you view them, you will see the actual password that you need to enter with enable password. The same will also reveal the password made by enable secret. But, it will be in its encrypted form and cannot be entered as the password in its current state.
Although using enable secret is relatively safer than using enable password, it is not uncrackable. Actually, it is relatively easy to crack the encrypted password of enable secret by searching for tutorials and tools online. It’s just a matter of knowing what you are doing and having the right resources to execute it. So, for a capable person, both enable and enable secret cannot block access, but just add a small amount of delay.
There are cases where enable and enable secret are good enough in limiting access to your devices. But in cases where you really do not want to block access, it is best to use another command ‘service password-encryption’ as it provides better security. It still encrypts the password that you enter, but with a more complex algorithm that is virtually impossible to crack with tools and computing power that is commonly available nowadays.
Summary:
1.Enable secret encrypts the password while enable does not
2.The enable password can be seen with a command while the enable secret password cannot
3.The enable secret password can still be cracked with the right tools
- Difference Between Sony Cybershot S Series and W Series - December 22, 2012
- Difference Between Samsung Galaxy S3 and iPhone 5 - December 21, 2012
- Difference Between Samsung Galaxy S2 (Galaxy S II) and Galaxy S 4G - December 20, 2012
Search DifferenceBetween.net :
Email This Post
: If you like this article or our site. Please spread the word. Share it with your friends/family.
MD5 is not encryption, it’s a hash function. http://www.differencebetween.net/technology/software-technology/difference-between-encryption-and-hashing/
I presume in the last paragraph, you mentioned “where you really do not want to block access” instead of “do want to block access”.
I was extremely pleased to uncover this great site. I want to to thank you for your time for this particularly
wonderful read!! I definitely loved every bit of it
and i also have you saved as a favorite to see new stuff on your blog.
Exactly WHAT does it encrypt? User exec, priv exec, WHAT?