Several types of passwords can be configured on a Cisco router, such as the enable password, the secret password for Telnet and SSH connections and the console port as well. All these password locations represent good access locations for passwords, but if you have only one password on only one access location, you should at least have an enable password.
Add new user
this command below will create user with encrypted password
username devninja secret yourpassword
Setting the enable password
You use the enable password every time you move from User EXEC mode to Privileged EXEC mode. This password gives you security on your router, because Privileged EXEC mode is where all the dangerous commands are located, including access to Global Configuration mode. To set an enable password, use the following command:
Router2>enable Router2#configure terminal Router2(config)#enable password mypassword
This command creates an enable password that is stored in your configuration file. To view this password, show the running configuration using the following command:
Router2>enable Password: Router2#show running-config | include enable password enable password mypassword
You may immediately see the problem here. The password is stored in plain text in your configuration file, thus anyone who has access to your configuration file can easily read the password.
Setting the secret password
Cisco’s solution to the enable password’s inherent problem was to create a new type of password called the secret password. When you configure both an enable and a secret password, the secret password is the password that will be used to switch from User Exec mode to Priv Exec mode. The following code sets both passwords for your router:
Router2>enable Router2#configure terminal Router2(config)#enable password mypassword Router2(config)#enable secret mysecretpassword
To see your enable passwords in your configuration, use the following command:
Router2>enable Password: Router2#show running-config | include enable enable secret 5 $1$BSX4$FZp.ZFvYSAGUEDn8dvr140 enable password mypassword