Say No to Cisco passwords

Folks from the networking Industry might be well aware of the limitations of Cisco Passwords generally called Type 7 passwords. What “service password encryption” (command to make clear text password into type 7 password) does is garble the password so that people who glance over your shoulder will not be able to make out the password. These passwords are also vulnerable if you store your configurations at a not so secure location or if you share your configuration with others for troubleshooting. The reason why many people are deceived by it is possibly because it says service password “encryption”. Anyone in IT knows that you encrypt data so that it is close to impossible to decrypt it except by the one for whom the data is meant. The other reason why people still use it is because they don’t care much about security and assume that nobody is malicious. Your equipments have passwords of every Admin which can easily be compromised but nobody cares.  There are softwares which decode these password.  There are even several websites which decrypt such passwords. The worst part of the tale is that you can use the Router itself to decrypt it. Continue reading