Configure Password Hash

You can configure the Secure Hash Algorithm (SHA) level for password hash security. After a password hash level change, all custom users and passwords are deleted, and on first login each default user must change their default password.

Before you begin

  • You must use an account with read-write-all privileges to change password hash.

About this task

Configure the password hash level as SHA1 or SHA2.

Procedure

  1. Enter Global Configuration mode:

    enable

    configure terminal

  2. Change the password hash level:

    password hash sha1|sha2

  3. Read the warning prompt, then confirm the password hash change:

    y

Example

Switch:1>enable

Switch:1#configure terminal

Change password hash to SHA2 512-bit hash value:

Switch:1(config)# password hash sha2

Warning: Changing the password hash will reset all existing passwords and users to Factory defaults. All custom Users will be deleted. Are you sure you want to proceed (y/n) ? y