Lost Cisco Password?

Lost Cisco Password?

Did you setup a great lab but lost your Cisco password for a device? This blog post is specifically for Packet Tracer but most of it will still apply to physical gear. Before you get super frustrated at yourself or the computer, check out the few simple steps we can take to fix the situation. 🙂

Lost Cisco Password?

Reset password for Routers

This works for Packet Tracer, and physical routers. 🙂

First, turn off the router.

Since Packet Tracer is always connected to the console port, you don't need a separate computer connected to the console port. If you are using physical gear, remember, you need a computer connected to the console port.

Turn the router back on, and quickly click the CLI tab and click into the window and do ctrl+pause, or ctrl+c, whatever the break key is on your operating system. Now we are in Rom Monitor Mode.

You can type a ? mark to see the available commands. The one we will use is confreg. We need to set the configuration register value so it ignores the startup-config in NVRAM, and then reset the router. Click here to see all available configuration register settings.

 confreg 0x2142 


Now the router has reloaded and it will ask us, "would you like to enter the initial configuration dialog? [yes/no]:" We will say no.

Now you can enter privileged user mode without a password. Let's do that first, and then our next step is to copy the saved configuration into the running configuration.

 copy startup-config running-config 

If you do show running-config you will see that the old enable secret is back in the config file, but because you are logged into privileged user mode you can change the stored secret password in global configuration mode.

 enable secret mynewsupersecretpassword 

If you do show version, you will see that the last line says "Configuration register is 0x2142". We need to change that, otherwise the router will boot up and ignore all the work we have done. 🙂 Let's make sure that doesn't happen by entering global configuration and executing the following command.

 config-register 0x2102 

Everything should be good to go so we should save our running configuration to make sure everything works the next time the router is rebooted.

 copy running-config startup-config 

Remember to no shutdown your interfaces after you have restored your configuration. By default, they will be shutdown.

Reset password for switches

This one is a bit more tricky since Packet Tracer is different than physical equipment. I didn't find tutorials about resetting passwords for switches in Packet Tracer so hopefully this is helpful for someone out there. 🙂

First we need to backup our running config by renaming it. In order to do that we need to "Power Cycle" all our devices since Packet Tracer doesn't allow us to unplug the power from switches. Here is a picture of the power cycle button in Packet Tracer.

After we click "Power Cycle", we need to click on the switch in our topology, click on the "Physical" tab, and then click "Zoom In", and finally click on the "Mode Button". After the Olympic event of clicking is done we should see a pop-up box that says "Mode button pressed for 3 seconds for ROMMON access."

Yeah we made it, now the switch will boot into Rom Monitor Mode and we can rename the config.text file that has our current configuration stored. Step one checks to see if the file is there. Step two renames the file. Step three checks to see if you successfully renamed the file. Step 4 restarts the switch.

 dir flash: 

 rename flash:config.text flash:config.text.old 

 dir flash: 


Once the switch is up and running we can erase the NVRAM. Under Config, click GLOBAL, then click Settings, then click Erase under NVRAM.

Check out the picture below. Packet Tracer behaves a bit peculiarly when this is done, now we are now in privileged mode and you know what that means. 🙂 With a physical device, you would have had to power-cycle the device before getting into privileged mode.

If you do show startup-config, you will see that "startup-config is not present". Let's copy the old config text into the running-config.

 dir flash: 

Shows us that we have the config.text.old file stored in flash and we can use it to restore our running-config.

 copy flash running-config 

This will prompt us for the name of the file.


And press enter, if you do show running-config you will see that our old config has been restored.

Let's change the enable secret password in global configuration mode.

 enable secret myubernewpassword 

Remember to save the running-config so you don't lose all your hard work, also check to see if all interfaces are up.

 copy running-config startup-config 

 show ip interface brief 

I hope this post helped you out, especially with resetting switch passwords in Packet Tracer. If you want to chat, please connect with me on Twitter or LinkedIn.

Leave a Reply

Your email address will not be published. Required fields are marked *