Enable secret passwords are hashed using the MD5 (Message Digest 5) algorithm instead of the weak Cisco proprietary algorithm. Enable secret passwords are not trivial to decrypt.
An “enable secret” password is configured using the following command:
cisco (config)#enable secret password
If you see a password in the configuration file with a ’5′ in the second to last field, that password is hashed using the MD5 algorithm. For example:
enable secret 5 $1$B8pH$PmmcMRoqfeEtQ7WxL865a0
Although MD5 is a strong algorithm, it may still be attacked with a dictionary attack or a brute force attack.
