Cisco device – local credentials

This post describes some notes about locally stored Cisco usernames, passwords and privileges.

Quick Notes

  1. there are 16 levels of privileges on Cisco device (from 0 to 15)
  2. by default, when you type enable command you get into level 15 (all commands allowed)
  3. for every level you can specify password and secret password. The second one has precedence.
  4. for every level you can specify which commands are allowed
  5. you can define username and its password
  6. for every user you can define its privilege level (default level when user login)
  7. you enable username/password login feature with login local command


The following example:

  1. define privilege level 3 – this level allows to enter configure command withing exec mode
  2. define password for privilege level 3
  3. define username with password; user was gained privilege level 3
  4. enable login with username/password on console line
ap(config)# privilege exec level 3 configure
ap(config)# enable password level 3 SecretPswd3
ap(config)# username lukas privilege 3 password 0 mypass
ap(config)# line console 0
ap(config-line)# login local

Leave a Reply

Your email address will not be published. Required fields are marked *