How To Recover A Lost Password On A Cisco Switch
How To Recover A Lost Password On A Cisco Switch
How To Recover A Lost Password On A Cisco Switch
So you lost the password on your Cisco switch. Maybe the old administrator left or maybe you just haven’t used this
switch in a while and don’t recall the password. No matter what the case, you need to change the password on the
switch so you can create a new password. How do you do this on a Cisco switch? It is a little more difficult than a
Cisco router. One important difference between resetting the password on a Cisco switch vs. a router is that you
don’t use configuration registers to reset the password on the switch. Let me show you how it’s done.
I want to point out that this article is based on a Cisco Catalyst 2900, 3500XL, 2940, 2950, 2955, and 3550 switches.
If you have another model of Cisco Catalyst switch, see the link concerning general Cisco password recovery at the
bottom of this article.
To recover a password on a Cisco switch, you will have to be connected to the console port of the Cisco switch
using 9600 baud, 8 bits, no parity, 1 stop bit, and xon/xoff flow control. I recommend using Hyperterminal that
comes with Windows XP to do this (Read How to Use HyperTerminal with Cisco Routers & Switches for more
info).
Once you are connected and see something on the terminal window when you press enter, unplug the power cable.
Next, hold down the mode button on the front, as seen in the photo below, and connect the power cable.
On a 2900, 3500XL or 3550 (like the one shown) release the mode button after the 1x port LED goes out. On a 2940
or 2950 switch release the mode button after the stat light goes out. On a 2955, press the break key (ctrl-break on
Windows) when you see the message that the switch will autoboot.
You should now see something like this (taken from a 3550 switch):
Notice that it says that the password-recovery mechanism is enabled.
At the switch: prompt, type flash_init and press enter. You should see something like this (at least on a 3550):
Now type load_helper and press enter. You should see something like this:
Now type dir flash: and press enter. You should see something like this:
The config.text file is what stores the administrative password that is keeping you from logging into the router. To
get rid of this file, use this command:
Next, boot the switch using the boot command, like this:
Once the system is booted, you will be asked if you want to enter the initial configuration dialog. Say no and press
enter.
Next, enter enable mode with the en or enable command. Then, type the following commands:
Go into global configuration mode by typing config terminal. Next type no enable secret.
Now you can reset your enable password to whatever password you want. In the example below, we used the enable
password NetInsider to set the password to NetInsider.
Exit out of global configuration using the exit command and save your configuration with the
copy running-config startup-config command. You will be prompted to confirm the name of
the destination file. Press enter.
You have successfully reconfigured your switch’s enable password using the password recovery
procedure. Even better, you were able to do this while preserving the entire switch configuration.