How to reset password for CISCO router, in case you forget the enable password?

-First, hook up the DB9 end of the standard light blue serial cable to your serial port.  The other end of the cable should plug into the port labeled “Console” on the back of the Cisco router. 

-Establish a serial connection with the router. 

-The settings you need are:

Baud: 9600

Data bits: 8

Parity: No

Stop bits: 1

Flow Control: None

-Use putty for this connection-

-Reboot the router and press the Break key to interrupt the boot sequence. 

Type confreg 0x2142.  This tells the router to bypass NVRAM during bootup.  In other words, your existing configuration won't be loaded.  The good news is that it won't be deleted either.

-Type reset to reboot the router.  Answer No when prompted to run setup.

-Type copy start run.  This loads your startup configuration into memory.  Now, if you type a show run config, you'll see the router configuration.  Also, you should notice that your router name is now in the prompt instead of the default “Router”.

-Change the enable secret - “enable secret new_password”

-Change the register back to 0x2102:

-config-register 0x2102

-When the router reboots it will load the old configuration with the new password.

-Save the password so that it will be persistent during reboots, type copy run start

-Reboot the router by typing reload at the enable prompt.

Step-by-Step Procedure Perform these steps in order to recover your password:

1.    Either switch off or shut down the router.

2.    Remove the compact flash that is on the rear of the router.

3.    Switch on the router.

4.    Once the router is on Rommon mode, reinsert the compact flash.

5.    Type confreg 0x2142 at the rommon 1> prompt in order to boot from Flash.This step bypasses the startup configuration where the passwords are stored.

6.    Type reset at the rommon 2> prompt.The router reboots, but ignores the saved configuration.

7.    Type no after each setup question, or press Ctrl-C in order to skip the initial setup procedure.

8.    Type enable at the Router> prompt. You are in enable mode and should see the Router# prompt.

9.    Type configure memory or copy startup-config running-config in order to copy the nonvolatile RAM (NVRAM) into memory. warning Warning:  Do not enter copy running-config startup-config or write. These commands erase your startup configuration.

10.Issue the show running-config command. The show running-config command shows the configuration of the router. In this configuration, the shutdown command appears under all interfaces, which indicates all interfaces are currently shut down. In addition, the passwords (enable password, enable secret, vty, and console passwords) are in either an encrypted or unencrypted format. You can reuse unencrypted passwords. You must change encrypted passwords to a new password.

11.Type configure terminal. The hostname(config)# prompt appears.

12.Type enable secret <password> in order to change the enable secret password. For example: hostname(config)#enable secret cisco

13.Issue the no shutdown command on every interface that you use. If you issue a show ip interface brief command, every interface that you want to use should display up up.

14.Type config-register <configuration_register_setting> . Where <configuration_register_setting> is either the value you recorded in step 2 or 0x2102 . For example: hostname(config)#config-register 0x2102

15.Press Ctrl-z or end in order to leave the configuration mode. The hostname# prompt appears.

16.Type write memory or copy running-config startup-config in order to commit the changes.

Depending on the router version:

Attach a terminal or PC with terminal emulation to the console port of the router. You can use Putty.

Use these terminal settings:

• 9600 baud rate

• No parity

• 8 data bits

• 1 stop bit

• No flow control

  2- If you can access the router, type show version at the prompt, and record the configuration register setting. See Example of Password Recovery Procedure in order to view the output of a show version command. 

  or you can do the following:
• Procedure 2

  Complete these steps in order to recover your password:

  1. Shut down the router.

  2. Remove the compact flash that is at the back of the router.

  3. Power on the router.

  4. Once the Rommon1> prompt appears, enter this command:

      

     confreg 0x2142

  5. Insert the compact flash.

  6. Type reset.

  7. When you are prompted to enter the initial configuration, type No, and press Enter.

  8. At the Router> prompt, type enable.

  9. At the Router# prompt, enter the configure memory command, and press Enter in order to copy the startup configuration to the running configuration.

  10. Use the config t command in order to enter global configuration mode.

  11. Use this command in order to create a new user name and password:

      router(config)#username cisco privilege 15 password cisco

  12. Use this command in order to change the boot statement:

      config-register 0x2102

1. Power cycle the router and interrupt the boot process by pressing ctrl+break. You will be in Rommon mode.
2. Type "confreg" once you are at prompt "rommon 1>".
3. Now you will enter into configuration register 0x2102, here it will ask whether we wish to change the configuration press "y".
4. Now series of enabling commands with y/n will appear. Press "y" when it ask "ignore system config info" and for all others press "n".
5. After series of above command end, we will enter into configuration register 0x2142. It will again ask do we wish change the configuration, press "n".
6. Now we will enter Rommon 2> prompt. Enter command "reset" here.
7. Now router will reboot and it will ignore saved configuration this time (i.e. it will skip startup config). It will be like new router and it will ask whether we want to enter initial configuration press "n".
8. Go to Privileged EXEC mode and type "copy start-config running-config". This will copy our previously saved configuration from NVRAM to DRAM.
9. Reset all passwords that you want to change.
10. Go to Global configuration and type “config-register  0x2102” to change the configuration register back to 0x2102.
11. Save the configuration and reload the router.