If you ever find yourself locked out of a Cisco router because you forgot the enable secret (privileged mode) password you may use the following steps to perform a password recovery on the Cisco device. The router in this example is 1700 series Cisco router.

1. Press ctrl+break during the boot sequence and enter ROM monitor mode.

monitor: command “boot” aborted due to user interrupt
rommon 1 >

2. Change the configuration register value to 2142 (0×2142).

rommon 1 > confreg 0×2142

You must reset or power cycle for new config to take effect

3. Reload the router using the ‘reset’ command.

rommon 2 > reset

4. Respond with a ‘no’ when prompted to enter setup mode.

— System Configuration Dialog —

Would you like to enter the initial configuration dialog? [yes/no]: no

5. Type ‘enable’ to enter privileged mode.


6. Copy the startup-config file into the running-config file.

Router#copy startup-config running-config
Destination filename [running-config]?

1154 bytes copied in 0.892 secs (1294 bytes/sec)

7. Configure the enable secret password (in this example I set the enable secret password to ‘cisco’).

router-1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
router-1(config)#enable secret cisco

8. Change the configuration register back to the default value of 2102 (0×2102).

router-1(config)#config-register 0×2102

9. Copy the running-config file into the startup-config file.

router-1#copy running-config startup-config
Destination filename [startup-config]?
Building configuration…

10. Reload the router (optional).

Proceed with reload? [confirm]

Once the router reloads all you have to do is login to user mode then use your new privileged mode password (the example above used ‘cisco’).