Cisco® Password Recover Procedure

So you got your equipment from ebay, and you can't access the equipment by using the console port. This thing keeps asking for a password. You tried test, password, cisco, and nothing works. Now what?

This is your first test.

Cisco has provided a solution: Password Recovery Procedure. As you can see, they have documented the process for every device they made. In a nutshell, the process for most devices is:

  • connect to the console port

  • power the device on

  • do something to interrupt the normal boot process, usually enter a Break character in the first 60 seconds


This process is not really a beginner level skill; however, Cisco has provided excellent instructions, and any hedgeling should be able to follow them. Eventually.

But the process has problems. Not the process, per se, but finding the right key strokes for the Break character can be a wee challenge, if the process calls for a Break sequence.

Here is the process we have developed here at the Institute*:

  1. Create two profiles for your terminal program: putty or Hyperterm:

    • the normal "9600 8N1" profile for normal console access

    • one with "2400 8N1", for using with the Password Recover Procedure

    Name the normal profile something catchy like Cisco. Name the second program something easy to remember like Break.

  2. Start your terminal program with the Break profile (2400 8N1).

  3. Connect to the console port and power on the router.

  4. As soon as the fan starts to turn, start hitting the space bar until you see gibberish on the screen.

  5. Stop the Break profile and start the Cisco profile (9600 8N1). Press enter. The router should respond with ">rommon". Follow the procedure as described in the Password Recovery Procedure.

  6. At some point, you will be instructed to enter “copy start run”. Don’t do it. You do not want the old configuration in the router. Instead, enter “write erase” to delete the stored configuration. If the device is a switch, make sure that you remove any VLAN configuration: "delete flash:vlan.dat". Follow the prompts to complete.

  7. Whatever you do, make sure that you finish the Password Recovery Procedure. Otherwise, the router may not boot correctly, cause a multitude of problems. Of course, you can always do it again and make it work.

Check your hardware to make sure you use the correct process.

*If this process appears as a test question, Cisco is looking for a Break sequence, not a work around like we have shown.