Even if you forget your Cisco device (read router or switch) password you can recover it by following the steps outlined in this article. This includes enable passwords, secret passwords, telnet, SSH and console passwords. This process involves changing the configuration register of your Cisco device so that it ignores the NVRAM contents and loads the default configuration. For this process you have to get into the ROM monitor mode so you need to have serial console access to the Cisco switch/router.
Enter into ROM monitor mode
When the router boots interrupt the boot sequence by pressing [CTRL] + [BREAK] and you should see something like this
Self decompressing the image :
monitor: command "boot" aborted due to user interrupt
rommon 1 >
Now we’re inside the ROM monitor mode.
Change the configuration register
Change the configuration register to 0x2142 so that the device ignores the NVRAM contents and reboot it.
rommon 1 > confreg 0x2142
rommon 2 > reset
Copy the startup configuration
After the device reboots the running configuration doesn’t have anything but the bare minimal settings. Now you should copy the startup configuration so that you can modify the password in it.
Router#copy startup-config running-config
Reset the required password
Enter the command to reset the password you forgot. If you used local authentication
R0(config)#username jesin secret passwd
The above command will reset the password of the user “jesin”, if such a user doesn’t exist a new user is created by that name.
To reset an enable password or secret
R0(config)#enable password newpwd
R0(config)#enable secret newpwd
Reset a console password
Router(config)#line console 0
Reset a telnet password
Router(config)#line vty 0 4
Save the running configuration
Make sure the changes made to the passwords are saved in the running configuration
Router#copy running-config startup-config
Reset the Configuration Register and reload
Now that the work is over reset the configuration register to its original value
Now reboot the Cisco device.