Default username on Cisco routers

I get a lot of hits via Google from people searching for a default username on Cisco router. It's ages-old news, but there is no default username. Period. If you have to get access to a router and cannot remember the password(s), the only thing left is the password recovery mechanism ... although even that can be disabled with the no service password-recovery configuration command.

There are, however, a few things you can do if you want to relax the access to your router in a lab environment (never do it in a production network):

  • If you configure no enable password, you can switch to enable mode without supplying a password
  • If you want to telnet to a router without supplying a password, configure no login on the vty lines.
  • If you want to be in privilege mode immediately after accessing the router, configure privilege level on the console or vty lines.

12 comments:

  1. Ivan,

    I believe the newer 1800/2800/3800 routers that come with SDM actually have default level 15 username/passwords configured of cisco/cisco.

    R.

    ReplyDelete
  2. Checked it on IOS release 12.4(9)T - an SDM-enabled router ships only with preconfigured Ethernet interface and no passwords. SDM (or any other HTTP client) can connect to the IOS HTTP(S) server without authentication if the enable password is not configured.

    ReplyDelete
  3. Oops ... reading the Cisco documentation it looks like a router preconfigured for SDM Express actually has username/password set to cisco. All the other facts in my previous comment are still true, though :).

    ReplyDelete
  4. Please see Cisco Bug ID's CSCse65910 and CSCek35024. One is an AAA bug to add a 'one-time' keyword to the username config command and the other is a SDM bug to utilize the 'one-time' keyword.

    ReplyDelete
  5. I do not remember setting a username and I've tried cisco = no good. I tried all possible username I might have given, to no avail. How can I get past this?

    ReplyDelete
  6. Google for "cisco password recovery"

    ReplyDelete
  7. yeah cisco/cisco really works for me thanks, how could I forget that, I used to remember this, thanks anyway.
    :)

    ReplyDelete
  8. i have the same problem i tried to use default username and password but show me that invalid.i tried to reset password still same problem.what a good way to save this?

    ReplyDelete
  9. Google for "password recovery" for your model and follow the steps.

    ReplyDelete
  10. One trick which is worthwhile is to configure your own routers with a default username and password (eg "user admin password blah"). Then configure your RADIUS servers to deny access to that user ID. Configure your routers to check RADIUS, then the local usernames.

    The result is a default password which cannot be used whilst the device has connectivity.

    ReplyDelete
  11. what if I reset my router, what is the default password ?

    ReplyDelete
  12. On the Cisco router when he says there is no default username/password he means just click log in

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.