Your browser failed to load CSS style sheets. Your browser or web proxy might not support elliptic-curve TLS

Building network automation solutions

9 module online course

Start now!
back to overview

Recovering from expired one-time username

A reader sent me an interesting question:

Do you have any advice for resetting/logging into a router (2821) where the one time user of cisco:cisco has already been used?

I couldn't offer any better advice than performing the regular password recovery procedure. Is there another solution?

This article is part of You've asked for it series.

Please read our Blog Commenting Policy before writing a comment.


  1. What about real OTP?

    A challenge-response OTP would help immensely when dealing with outsiders who want temp access.

  2. As long as you have not done a write mem, a reboot will allow you to use the one time password again

  3. The issue in this case would be that router will not allow you to go to rommon by using simple ctrl+break. Follow the steps

    1) Turn off the router
    2) remove the flash
    3) turn on the router
    4) router will now go to rommon !!
    5) change register value to 0x2142.
    6) reset
    7) turn off the router
    8) place the flash back
    9) THE END

    Hope this helps

  4. Pappyar, unless you know what you are talking about please do not offer advise!
    Cisco configs are held in NVRAM not Flash, removing the flash will prevent the router from booting nothing else.
    As Adam says a simple power reset will allow the use of the OTP as long as the config has not been saved. If you do need to do a full password recovery then issuing a break sequence during bootup and then confreg 0x2142 will make the router ignore the startup-configuration. >:o


Constructive courteous comments are most welcome. Anonymous trolling will be removed with prejudice.