Introduction
Passwords are an essential security element for any network device, including Cisco devices. Passwords protect sensitive information and access to the network infrastructure from unauthorized users. However, not all passwords are created equal, and choosing a weak password or using a weak hashing algorithm can lead to vulnerabilities and potential breaches.
To protect the network infrastructure, it is essential to understand the different password types available for Cisco devices and how they work. Each password type offers varying degrees of security, depending on the hashing algorithm used to store and protect the password. In this article, we will explore the strengths and vulnerabilities of each Cisco password type and provide best practices for their use.
It is important to note that Cisco passwords are stored in the device’s configuration file. If unauthorized users access the configuration file, they can view the password in hashed or encrypted form. Therefore, a strong password and hashing algorithm are crucial for securing the device and network infrastructure.
In the following sections, we will discuss each password type, its strengths, and vulnerabilities and recommend their use. By understanding the different password types available and the best practices for their use, network administrators can protect their network infrastructure and prevent potential breaches.
Brief Description of the Password Types
When securing your Cisco network devices, one of the essential factors to consider is hash security. Hashes are an integral part of securing access to network devices and data. They are often the first line of defense against unauthorized access and must be strong enough to resist hacking attempts. However, not all hash types are created equal, and some can be more secure than others.
Cisco devices offer several password storage types that range from the most vulnerable to the most secure. These types are designated with a number from 0 to 9, and each uses a different algorithm to protect the stored password. Understanding each type’s strengths and weaknesses is essential to choosing the most appropriate one for your network devices.
- Type 0 is the original password storage method used in Cisco devices, but it is now considered an immediate critical security risk and should not be used.
- Type 4 hashes were introduced in Cisco IOS version 11.0 in 1996 to improve on Type 0, but they use a weak encryption algorithm and should not be used.
- Type 5 hashes were introduced in Cisco IOS version 12.0 in 1998, using a simple Message-Digest 5 (MD5) hashing algorithm with a 32-bit salt. While they offer medium security, they are not NIST approved and should only be used when other, stronger types are unavailable.
- Type 6 encryption was introduced in Cisco IOS version 15.2(1)T in 2012, using reversible 128-bit Advanced Encryption Standard (AES) encryption. It is recommended only when reversible encryption is needed or when Type 8 is unavailable.
- Type 7 hashes have been available since at least Cisco IOS version 10.0 and should not be used as they use a simple alphabetical substitution Vigenere cipher with a hardcoded key, making them easily reversible and a critical security risk.
- Type 8 hashes were introduced in Cisco IOS version 15.2(1)T in 2012, using the Password-Based Key Derivation Function version 2 (PBKDF2), SHA-256, an 80-bit salt, and 20,000 iterations. They offer strong security with low resource requirements and are recommended by Cisco for modern devices.
- Type 9 hashes were introduced in Cisco IOS version 15.5(3)M in 2015, using the Scrypt hashing algorithm with an 80-bit salt and 16384 iterations. While they offer strong security, they have not been evaluated against NIST-approved standards and are not recommended by the NSA.
It is important to note that each hash type serves different authentication needs; some are more secure than others. Choosing the appropriate hash type and following strong policies can help secure your network devices and data effectively. By understanding the different hash types and their level of security, you can better protect user authentication on Cisco devices.
Best practices for using hashes on Cisco devices include:
- Avoid using Type 0 and Type 4 hashes as they are considered immediate critical security risks.
- Use Type 5 hashes only when other, stronger types are unavailable.
- Use Type 6 encryption only when reversible encryption is needed or when Type 8 is unavailable.
- Avoid Type 7 hashes, which are easily reversible and a critical security risk.
- Use Type 8 and Type 9 hashes wherever possible as they offer the strongest security.
- Do not use dictionary words as passwords; use random strings instead.
- Store the master key used for Type 6 encryption in a secure location.
- Follow other strong password policies, such as using a different password for each user and changing passwords regularly.
NSA Guidelines for Cisco Devices
It’s crucial to understand the severity of the vulnerability associated with different password types to choose the best one for your network. As discussed in the previous section, weak password hashes can expose your network to severe risks, such as unauthorized access, data breaches, and loss of sensitive information.
The NSA has published a useful guide, “Cisco Password Types: Best Practices”, along with a related article.
Cisco uses a numeric system to indicate the hashing algorithm used for password protection. The password types available for Cisco devices are 0, 4, 5, 6, 7, 8, and 9. Each type differs in how hard it is to crack and recover the plaintext password, and has a corresponding vulnerability severity level.
Here’s a table summarizing the Cisco password types, how easily each can be cracked, its vulnerability severity, and the NSA’s recommendation for its use:
Password Type | Ability to Crack | Vulnerability Severity | NSA Recommendation |
---|---|---|---|
Type 0 | Immediate | Critical | Do not use |
Type 4 | Easy | Critical | Do not use |
Type 5 | Medium | Medium | Not NIST approved; use only when Types 6, 8, and 9 are not available |
Type 6 | Difficult | Low | Use only when reversible encryption is needed or when Type 8 is unavailable. |
Type 7 | Immediate | Critical | Do not use |
Type 8 | Difficult | Low | Recommended |
Type 9 | Difficult | Low | Not NIST approved |
How long does it take to break these hashes?
The time it takes to break a hash depends on various factors, such as the hash algorithm used, the length and complexity of the password, and the resources available to the attacker (such as computational power and password-cracking software). That being said, here are some estimates of the time it would take to crack each of the mentioned hashes using various methods:
- Type 0: These passwords are immediately reversible and can be obtained in seconds.
- Type 4: These passwords use a weak encryption algorithm and can be cracked using brute-force methods in a matter of hours or days, depending on the complexity of the password.
- Type 5: These passwords use a simple MD5 hashing algorithm with a 32-bit salt, which is vulnerable to various attacks, such as dictionary attacks, brute-force attacks, and rainbow table attacks. Depending on the length and complexity of the password, it could take a few minutes to several days or weeks to crack.
- Type 6: These passwords use reversible 128-bit AES encryption, considered very strong. The time it would take to crack these passwords depends on the password’s length and complexity, but it is estimated to be infeasible with current technology.
- Type 7: These passwords use a simple Vigenere cipher with a hardcoded key, which makes them easily reversible and a critical security risk. They can be cracked in seconds using online tools or scripts.
- Type 8: These passwords use the PBKDF2 algorithm with SHA-256, an 80-bit salt, and 20,000 iterations, which makes them very strong. It would take a considerable amount of time and computational power to crack these passwords, ranging from weeks to years, depending on the length and complexity of the password.
- Type 9: These passwords use the Scrypt algorithm with an 80-bit salt and 16,384 iterations, considered even stronger than Type 8. It is estimated that it would take a considerable amount of time and computational power to crack these passwords, ranging from years to decades, depending on the length and complexity of the password.
Deep Dive into each Password Type
Type 0 – Plaintext
Type 0 passwords are the most basic password storage in Cisco routers and switches. These passwords are stored in the device’s configuration file in clear text format, which means they are easily readable by anyone with access to the file.
Type 0 passwords in Cisco devices are highly discouraged due to their vulnerability to unauthorized access and password-cracking attacks. Attackers can easily retrieve the password from the configuration file and use it to gain access to the device. Moreover, Type 0 passwords do not protect against dictionary attacks or other password-cracking techniques, making them even more vulnerable to attack.
To illustrate how a Type 0 password is stored in a Cisco configuration file, consider the following example:
username admin password 0 mypassword
In this example, “mypassword” is the cleartext password to secure the “admin” user account. The “password 0” command specifies that the password is a Type 0 password and should be stored in clear text format in the configuration file.
To mitigate the security risks associated with Type 0 passwords, Cisco recommends using more secure password types such as Type 5 (MD5) or Type 7 (encrypted). Type 5 passwords use the MD5 hashing algorithm to provide a higher level of security, while Type 7 passwords use a simple encryption mechanism to obscure the password in the configuration file.
In summary, Type 0 passwords in Cisco devices provide very little security and are vulnerable to unauthorized access and password-cracking attacks. It is highly recommended that more secure password types, such as Type 5 or Type 7 passwords, be used instead to help ensure the security of the device and the network it is connected to.
Type 4 – Weak PBKDF2 Hashes
Type 4 passwords are not recommended: they use the Password-Based Key Derivation Function version 2 (PBKDF2) but perform only a single iteration of SHA-256, without a salt, over the plaintext password, which makes them weaker than Type 5 and less resistant to brute-force attempts. Introduced around 2013, Type 4 was originally added to reduce the vulnerability to brute-force attempts, but an implementation issue made it less secure. Type 4 passwords are stored as hashes within the configuration file.
It is essential to note that using Type 4 passwords is not recommended, and they have been deprecated starting with Cisco operating systems developed after 2013. The NSA strongly advises against using Type 4 passwords due to their weakness and potential for exploitation. Instead, network administrators should opt for Type 8 or Type 9 passwords, which are more secure and better suited for protecting sensitive credentials.
An example of a Type 4 password is shown in a Cisco configuration:
username bob secret 4 g1rTD89b38NIXbGJse.zLc7Cega1TBTlKQNvYDh9Qo6
In summary, Type 4 passwords are not recommended due to their weakness and potential for exploitation. Instead, Type 8 or Type 9 passwords are more secure and should be used to protect sensitive credentials.
Type 5 – MD5 Hashes
Type 5 passwords, also known as MD5 passwords, are a more secure alternative to Type 0 passwords in Cisco devices. MD5 is a one-way hash function that takes an input (in this case, the password) and produces a fixed-length string of characters representing the hash value. The hash value is stored in the device’s configuration file instead of the password itself, making it much more difficult for an attacker to retrieve the original password.
To generate a Type 5 password for a Cisco device, the following command can be used:
enable secret 5 password
In this example, “password” is the clear text password that is being secured using a Type 5 password. The “enable secret” command specifies that the password is used to secure privileged access to the device. The “5” indicates that the password should be stored using the MD5 hashing algorithm.
When the command is executed, the device generates an MD5 hash value of the password and stores it in the configuration file. The hash value is stored in the following format:
enable secret 5 $1$[salt]$[hash value]
In this format, “[salt]” is a randomly generated value used to increase the complexity of the hash function, and “[hash value]” is the resulting hash value of the password.
Using Type 5 passwords in Cisco devices provides a higher security level than Type 0 passwords. However, it is important to note that MD5 is a relatively weak hash function and is still susceptible to attacks. To further increase the security of the password, Cisco recommends using stronger hash functions such as SHA-256 or SHA-512, which are available in Type 8 passwords.
In summary, Type 5 passwords provide higher security than Type 0 passwords in Cisco devices by storing the password as a hash value instead of clear text. However, it is important to use strong passwords and to consider stronger hash functions to further increase the security of the device and the network it is connected to.
Type 6 – Reversible Encryption
Type 6 passwords in Cisco devices use reversible encryption (AES in counter mode) to encrypt the password before storing it in the configuration file. Type 6 is recommended for its strong encryption, but it is essential to remember and securely store the master password used for the encryption, because an encrypted password cannot be decrypted with an incorrect master password.
It is critical to remember and securely store the master password used to encrypt the Type 6 password. Changing the master password regularly and using a strong, complex password is also essential to maintain maximum security for the device and network.
If the master password is lost or forgotten, it is not possible to recover the encrypted password. Instead, the administrator must reset the password to a new value and reconfigure the device accordingly. Therefore, it is crucial to implement secure password management practices to prevent the loss or theft of passwords.
Here is an example of setting up a Type 6 password for an ISAKMP pre-shared key.
- Configure a primary key for password encryption using the command “key config-key password-encrypt [super-secret-password]”. This key encrypts and decrypts the passwords and is not saved in the running configuration file.
key config-key password-encrypt my-secret-key
- Enable AES encryption by entering the command “password encryption aes” in global configuration mode. This command sets the default password encryption type to Type 6, which encrypts plaintext passwords using reversible 128-bit AES encryption.
password encryption aes
- Generate a Type 6 password by entering the command “username [username] password 6 [password]” in global configuration mode. Replace “[username]” with the desired username and “[password]” with the clear text password that is being secured using a Type 6 password.
username user1 password 6 my-password
- To configure an ISAKMP pre-shared key as a Type 6 password, enter the command “crypto isakmp key 6 [password] address [ip address]” in global configuration mode. Replace “[password]” with the clear text pre-shared key and “[ip address]” with the IP address of the peer device.
crypto isakmp key 6 my-psk address 10.0.0.2
Following these steps, the Type 6 password can be used to secure ISAKMP pre-shared keys or other security-related functions requiring the plaintext password. It is critical to remember and securely store the master password used to encrypt the Type 6 password and to implement secure password management practices to maintain maximum security for the device and network.
In summary, configuring a Type 6 password in Cisco devices requires enabling AES 128 password encryption, configuring a key for password encryption, and generating a Type 6 password. It is crucial to remember and securely store the master password used to encrypt the Type 6 password and to implement secure password management practices to maintain maximum security for the device and network.
Type 7 – Weak Vigenere Cipher
Type 7 is an older method used by Cisco devices to store passwords. It uses a Vigenere cipher, a simple encryption algorithm that uses a keyword to encrypt plaintext. Type 7 passwords are not considered secure and can be easily decrypted with a simple tool.
Here is an example of what a Type 7 password looks like in a Cisco configuration file:
username user1 password 7 0838511B1E1A03050F
In this example, “user1” is the username, and “0838511B1E1A03050F” is the encrypted password. The number “7” indicates that it is a Type 7 password.
To configure a Type 7 password, enter the command “enable secret [password]” in global configuration mode. Replace “[password]” with the plaintext password you want to encrypt. The password will be encrypted and stored as a Type 7 hash in the configuration file.
Remember that Type 7 passwords are not secure and can be easily decrypted with online tools or simple scripts. Therefore, it is recommended to use other password encryption methods, such as Type 5, Type 6, Type 8, or Type 9, preferably Type 8 and Type 9. Additionally, it is important to implement secure password management practices, such as regularly changing passwords and securely storing them.
Type 8 – Password-Based Key Derivation Function ver.2 (PBKDF2)
The NSA recommends Type 8 passwords for their strong security measures and efficient resource usage. Cisco operating systems developed after 2013 use Type 8 passwords, which are hashed with the Password-Based Key Derivation Function version 2 (PBKDF2), SHA-256, an 80-bit salt, and 20,000 iterations, making them more secure than previous password types. Type 8 passwords are stored as hashes within the configuration file and are less resource-intensive than Type 9 passwords.
To enable Type 8 privilege EXEC mode passwords, enter the command “enable algorithm-type sha256 secret [password]” in global configuration mode. Replace “[password]” with the desired clear text password.
enable algorithm-type sha256 secret [password]
To create a local user account with a Type 8 password, enter the command “username [username] algorithm-type sha256 secret [password]” in global configuration mode. Replace “[username]” with the desired username and “[password]” with the clear text password that is being secured using a Type 8 password.
Here’s an example of a Type 8 password in a Cisco configuration file:
username bob secret 8 $8$kMehFGHe4ew.chRm.d3hge68ECor21viE35NAMV72qPho75fl/lsFlyEFl
In this example, “bob” is the username, and “$8$kMehFGHe4ew.chRm.d3hge68ECor21viE35NAMV72qPho75fl/lsFlyEFl” is the hashed password. The “$8$” indicates a Type 8 password; the text following it is the hashed password.
It is important to remember and securely store the master password used to encrypt the Type 8 password. Changing the master password regularly and using a strong, complex password is also important to maintain maximum security for the device and network.
In summary, Type 8 passwords are recommended by the NSA for their strong security measures and efficient resource usage. It is important to remember and securely store the master password used to encrypt the Type 8 password and to implement secure password management practices to maintain maximum security for the device and network. To enable Type 8 privilege EXEC mode passwords, enter the command “enable algorithm-type sha256 secret [password]” in global configuration mode. To create a local user account with a Type 8 password, enter the command “username [username] algorithm-type sha256 secret [password]” in global configuration mode.
Type 9 – Scrypt
Type 9 passwords were introduced in Cisco operating systems developed after 2013. They use the Scrypt hashing algorithm with an 80-bit salt and 16384 iterations, making them difficult to crack and requiring significant hardware resources. This raises the cost for an adversary to brute force the password.
While Cisco and the industry recommend Type 9 hashes, it is important to note that the algorithm has not been evaluated against NIST-approved standards and therefore is not recommended by the NSA nor approved for use on National Security Systems (NSS).
To enable Type 9 privilege EXEC mode passwords, enter the command “enable algorithm-type scrypt secret [password]” in global configuration mode. Replace “[password]” with the desired password.
enable algorithm-type scrypt secret my-password
To create a local user account with a Type 9 password, enter the command “username [username] algorithm-type scrypt secret [password]” in global configuration mode. Replace “[username]” with the desired username and “[password]” with the desired password.
username user1 algorithm-type scrypt secret my-password
An example of a Type 9 password shown in a Cisco configuration is:
username bob secret 9 $9$ApsgnGtdkTswkfjucj./4w7dcjhGFsjkdT7mAup2lveHuu25fL.hgvfiq
While Cisco and the industry recommend Type 9 passwords, it is important to follow NSA guidance and not use them for National Security Systems (NSS) due to their lack of evaluation against NIST-approved standards.
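To make the Type 8 and Type 9 parameters from the two sections above concrete, here is an added Python example (not from the original article or from Cisco) that produces and verifies both formats with the iteration counts given in the text; it assumes a 14-character salt, scrypt parameters r=1 and p=1, and the crypt-alphabet base64 encoding that public implementations of these formats use.

```python
import base64
import hashlib
import hmac
import secrets

# Type 8 and Type 9 share one text encoding: standard base64 bit layout, no padding,
# written in the crypt alphabet below. Salt is 14 characters, digest 43 characters.
# (Assumption: taken from public descriptions of the format, not Cisco documentation.)
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
_STD = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
_TO_CISCO = str.maketrans(_STD, ITOA64)


def encode_cisco(raw: bytes) -> str:
    """Unpadded base64 with each character re-mapped onto the ./0-9A-Za-z alphabet."""
    return base64.b64encode(raw).decode().rstrip("=").translate(_TO_CISCO)


def type8(password: str, salt: str) -> str:
    """$8$: PBKDF2-HMAC-SHA256, 20,000 iterations (the article's count), 32-byte key."""
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), 20000, 32)
    return "$8$" + salt + "$" + encode_cisco(key)


def type9(password: str, salt: str) -> str:
    """$9$: scrypt with N=16384 (the article's cost); r=1, p=1 and 32 bytes are assumed."""
    key = hashlib.scrypt(password.encode(), salt=salt.encode(), n=16384, r=1, p=1, dklen=32)
    return "$9$" + salt + "$" + encode_cisco(key)


def new_salt() -> str:
    """14 random alphabet characters, the salt length assumed for $8$/$9$ strings."""
    return "".join(secrets.choice(ITOA64) for _ in range(14))


def verify(stored: str, candidate: str) -> bool:
    """Recompute the hash from the stored salt and compare in constant time."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[1] not in ("8", "9") or len(parts[2]) != 14:
        return False
    recompute = type8 if parts[1] == "8" else type9
    return hmac.compare_digest(recompute(candidate, parts[2]), stored)
```

Timing `type8` against `type9` on the hardware you administer shows the resource difference the article mentions: the scrypt variant touches about 2 MB of memory per evaluation (128 * N * r bytes), which is what raises an attacker's cost per guess.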
Understanding where each password type is used in Cisco Configurations
In Cisco configurations, password hashes and pre-shared keys are essential security components. Password hashes are used for user authentication when logging into Cisco devices. In contrast, pre-shared keys are used for machine authentication protocols such as OSPF, EIGRP, BGP, and VPN connections. By understanding the different types of password hashes and pre-shared keys used in Cisco configurations, network administrators can help ensure their devices are properly secured against a wide range of threats.
Several types of password hashes are used in Cisco configurations, each providing varying levels of security against attackers who might try to guess the password by brute force or dictionary attacks.
- Type 0 (plaintext): This is the weakest type of password hash, as the password is stored in clear text in the configuration file. If attackers access the configuration file, they can easily read the password. These can be used for user credentials and other areas of Cisco configurations.
- Type 4 (weak PBKDF2 hash): This type of password hash uses the MD5 hashing algorithm, which produces a fixed-length hash value. While MD5 is no longer considered a secure hashing algorithm, it is still stronger than Type 0. Similar to Type 0 passwords, these are used in the same areas. You may find that you cannot use this type, as it has been deprecated.
- Type 5 (salted MD5 hash): This type of password hash uses the same MD5 hashing algorithm as Type 4 but with a randomly generated salt value added to the password before hashing. This makes it more difficult for attackers to guess the password by brute force or dictionary attacks. These can be used for user credentials and other areas of Cisco configurations.
- Type 6 (AES encrypted): This type of password hash uses reversible encryption instead of one-way hashing, which means retrieving the original password from the hash is possible. Type 6 password hashes are typically used for encrypting pre-shared keys, particularly for ISAKMP (Internet Security Association and Key Management Protocol) pre-shared keys. Type 6 passwords are unavailable for OSPF, EIGRP & BGP pre-shared keys.
- Type 7 (weak encryption): This type of password hash uses a simple XOR-based encryption method that can be easily reversed. In addition, the encryption key used in Type 7 password hashes is easily obtainable, making it relatively simple for attackers to decrypt the hash and retrieve the original password. For this reason, Type 7 password hashes are not considered secure. These can be used for user credentials and for OSPF, EIGRP & BGP pre-shared keys.
- Type 8 (PBKDF2-SHA256): This type of password hash uses the PBKDF2 algorithm with the SHA256 hashing algorithm to produce a strong, secure password hash. PBKDF2 is a key derivation function that adds complexity to the hashing process, making it more difficult for attackers to guess the password. These can be used for user credentials and other areas of Cisco configurations.
- Type 9 (SCRYPT): This type of password hash uses the SCRYPT algorithm to produce a strong, secure password hash. SCRYPT is a memory-hard key derivation function harder for attackers to crack than other password hashes. These can be used for user credentials and other areas of Cisco configurations.
The choice of password hash type depends on the level of security required, the resources available for managing passwords, and the type of authentication required (user vs. machine). Stronger password hashes provide better security against attackers trying to steal or guess the password. It is important to use the appropriate password hash type for each context in which it is used to ensure the proper security of the Cisco configuration file.
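As an added example (not from the original article or any Cisco tool), the following Python walks a running-config and reports, for each credential-bearing command discussed above, the storage type in use and the severity from the NSA table, without echoing the secret itself; the command list and the sample config are constructed.

```python
import re
from typing import Dict, List, NamedTuple, Optional

# Vulnerability severity per storage type, from the NSA table reproduced in this article.
SEVERITY = {0: "Critical", 4: "Critical", 5: "Medium", 6: "Low", 7: "Critical", 8: "Low", 9: "Low"}
PREFIX_TYPE = {"$1$": 5, "$8$": 8, "$9$": 9}   # self-describing hash prefixes

# Credential-bearing commands from the article (constructed list; extend it for other
# commands on your platform). The type digit is optional: a value with no digit and
# no $N$ prefix is stored in the clear, i.e. Type 0.
CRED_RE = re.compile(
    r"^(?:username\s+\S+.*?\s(?:password|secret)"      # local user accounts
    r"|enable\s+(?:password|secret)"                    # privileged EXEC
    r"|crypto\s+isakmp\s+key"                           # ISAKMP pre-shared keys
    r"|ip\s+ospf\s+message-digest-key\s+\d+\s+md5"      # OSPF MD5 keys
    r"|ip\s+ospf\s+authentication-key"                  # OSPF simple keys
    r"|key-string"                                      # EIGRP/OSPF key chains
    r"|neighbor\s+\S+\s+password)"                      # BGP neighbours
    r"\s+(?:(?P<type>[04-9])\s+)?(?P<value>\S+)"
)


class Finding(NamedTuple):
    line_no: int
    command: str      # the config line with the secret value redacted
    ptype: int
    severity: str


def classify(value: str, explicit: Optional[str]) -> int:
    """Resolve the storage type: explicit digit wins, then a $N$ prefix, else Type 0."""
    if explicit is not None:
        return int(explicit)
    return PREFIX_TYPE.get(value[:3], 0)


def audit_config(config: str) -> List[Finding]:
    """Return one Finding per credential-bearing line, never echoing the value itself."""
    findings = []
    for no, raw in enumerate(config.splitlines(), start=1):
        line = raw.strip()
        m = CRED_RE.match(line)
        if not m:
            continue
        ptype = classify(m.group("value"), m.group("type"))
        redacted = line[:m.start("value")] + "<redacted>" + line[m.end("value"):]
        findings.append(Finding(no, redacted, ptype, SEVERITY.get(ptype, "Unknown")))
    return findings


def summarize(findings: List[Finding]) -> Dict[str, int]:
    """Count findings per severity so the worst offenders can be prioritised."""
    counts: Dict[str, int] = {}
    for f in findings:
        counts[f.severity] = counts.get(f.severity, 0) + 1
    return counts


# Constructed sample running-config; the Type 0, Type 7 and Type 9 user lines are the
# article's own examples, the remaining values are made up.
SAMPLE_CONFIG = """\
hostname edge-rtr
enable secret 5 $1$abcd$constructedHashValue22
enable password 7 0A0B0C0D0E0F
username admin password 0 mypassword
username user1 password 7 0838511B1E1A03050F
username bob secret 9 $9$ApsgnGtdkTswkfjucj./4w7dcjhGFsjkdT7mAup2lveHuu25fL.hgvfiq
crypto isakmp key 6 my-psk address 10.0.0.2
key chain EIGRP-KEYS
 key 1
  key-string 7 0F0E0D0C0B0A
interface GigabitEthernet0/0
 ip ospf message-digest-key 1 md5 7 0102030405
router bgp 65001
 neighbor 10.0.0.2 password 7 0605040302
"""
```

Run `audit_config(SAMPLE_CONFIG)` on the sample to see the Type 0 and Type 7 lines flagged Critical while the Type 6, 8 and 9 entries are Low; point it at a `show running-config` capture to audit a real device.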