Activating or deactivating password encryption, Activating or deactivating password encryption 6 – Allied Telesis AT-8100 Series User Manual

Chapter 84: Local Manager Accounts

1386

Activating or Deactivating Password Encryption

Password encryption controls the manner in which the switch stores the
plaintext passwords of manager accounts and command mode restriction
in the running configuration. When password encryption is enabled (the
default setting), plaintext passwords are stored in encrypted form. When
password encryption is disabled, plaintext passwords are stored in
plaintext. For more information, refer to “Password Encryption” on
page 1379

To activate password encryption, issue the SERVICE PASSWORD-
ENCRYPTION command in the Global Configuration mode:

awplus> enable
awplus# configure terminal
awplus(config)# service password-encryption

When password encryption is activated, the switch searches the running
configuration for plaintext passwords and encrypts them. It also
automatically encrypts the plaintext passwords of new manager accounts.

To disable password encryption, use the NO SERVICE PASSWORD-
ENCRYPTION command:

awplus> enable
awplus# configure terminal
awplus(config)# no service password-encryption

The switch searches the running configuration and decrypts passwords
that were initially created in plaintext.

To keep passwords permanently encrypted, even when password
encryption is disabled, create them in encrypted form when you use the
USERNAME command, as explained in “Creating Local Manager
Accounts” on page 1381. The switch does not decrypt passwords created
in their encrypted form, even when password encryption is disabled.