Controlling Switch Access with Passwords and
Privilege Levels
• Restrictions for Controlling Switch Access with Passwords and Privileges, on page 1
• Information About Passwords and Privilege Levels, on page 2
• How to Control Switch Access with Passwords and Privilege Levels, on page 4
• Monitoring Switch Access, on page 16
• Configuration Examples for Setting Passwords and Privilege Levels, on page 16
• Additional References, on page 18
Restrictions for Controlling Switch Access with Passwords
and Privileges
The following are the restrictions for controlling switch access with passwords and privileges:
• Disabling password recovery will not work if you have set the switch to boot up manually by using the
boot manual global configuration command. This command produces the boot loader prompt (switch:)
after the switch is power cycled.
Restrictions and Guidelines for Reversible Password Types
• Password type 0 and type 7 are deprecated. So password type 0 and type 7, used for administrator login
to Console, Telnet, SSH, webUI, and NETCONF, must be migrated to password type 8 or type 9.
• No action is required if username and password are type 0 and type 7 for local authentication such as
CHAP, EAP and so on for ISG and Dot1x.
• Enable password type 0 and type 7 must be migrated to password type 8 or type 9.
• Type 6 encrypted password is supported for username and password. Auto-conversion of password type
0 and password type 7 to password type 6 is also supported.
Controlling Switch Access with Passwords and Privilege Levels
1
Restrictions and Guidelines for Irreversible Password Types
• Password type 5 is deprecated. Password type 5 must be migrated to stronger password type 8 or type
9.
• For username secret password type 5 and for enable secret password type 5, migrate to type 8 or type 9.
• Plain text passwords are converted to non-reversible encrypted password type 9.
• Secret password type 4 is not supported.
Information About Passwords and Privilege Levels
Default Password and Privilege Level Configuration
A simple way of providing terminal access control in your network is to use passwords and assign privilege
levels. Password protection restricts access to a network or network device. Privilege levels define what
commands users can enter after they have logged into a network device.
This table shows the default password and privilege level configuration.
Table 1: Default Password and Privilege Levels
Default SettingFeature
No password is defined. The default is level 15 (privileged EXEC
level). The password is not encrypted in the configuration file.
Enable password and privilege level
No password is defined. The default is level 15 (privileged EXEC
level). The password is encrypted before it is written to the
configuration file.
Enable secret password and privilege
level
No password is defined.Line password
Additional Password Security
To provide an additional layer of security, particularly for passwords that cross the network or that are stored
on a Trivial File Transfer Protocol (TFTP) server, you can use either the enable password or enable secret
global configuration commands. Both commands accomplish the same thing; that is, you can establish an
encrypted password that users must enter to access privileged EXEC mode (the default) or any privilege level
you specify.
We recommend that you use the enable secret command because it uses an improved encryption algorithm.
If you configure the enable secret command, it takes precedence over the enable password command; the
two commands cannot be in effect simultaneously.
If you enable password encryption, it applies to all passwords including username passwords, authentication
key passwords, the privileged command password, and console and virtual terminal line passwords.
Controlling Switch Access with Passwords and Privilege Levels
2
Controlling Switch Access with Passwords and Privilege Levels
Restrictions and Guidelines for Irreversible Password Types
Password Recovery
By default, any end user with physical access to the switch can recover from a lost password by interrupting
the boot process while the switch is powering on and then by entering a new password.
The password-recovery disable feature protects access to the switch password by disabling part of this
functionality. When this feature is enabled, the end user can interrupt the boot process only by agreeing to set
the system back to the default configuration. With password recovery disabled, you can still interrupt the boot
process and change the password, but the configuration file (config.text) and the VLAN database file (vlan.dat)
are deleted.
If you disable password recovery, we recommend that you keep a backup copy of the configuration file on a
secure server in case the end user interrupts the boot process and sets the system back to default values. Do
not keep a backup copy of the configuration file on the switch. If the switch is operating in VTP transparent
mode, we recommend that you also keep a backup copy of the VLAN database file on a secure server. When
the switch is returned to the default system configuration, you can download the saved files to the switch by
using the Xmodem protocol.
To re-enable password recovery, use the service password-recovery global configuration command.
Terminal Line Telnet Configuration
When you power-up your switch for the first time, an automatic setup program runs to assign IP information
and to create a default configuration for continued use. The setup program also prompts you to configure your
switch for Telnet access through a password. If you did not configure this password during the setup program,
you can configure it when you set a Telnet password for a terminal line.
Username and Password Pairs
You can configure username and password pairs, which are locally stored on the switch. These pairs are
assigned to lines or ports and authenticate each user before that user can access the switch. If you have defined
privilege levels, you can also assign a specific privilege level (with associated rights and privileges) to each
username and password pair.
Privilege Levels
Cisco devices use privilege levels to provide password security for different levels of switch operation. By
default, the Cisco IOS software operates in two modes (privilege levels) of password security: user EXEC
(Level 1) and privileged EXEC (Level 15). You can configure up to 16 hierarchical levels of commands for
each mode. By configuring multiple passwords, you can allow different sets of users to have access to specified
commands.
Privilege Levels on Lines
Users can override the privilege level you set using the privilege level line configuration command by logging
in to the line and enabling a different privilege level. They can lower the privilege level by using the disable
command. If users know the password to a higher privilege level, they can use that password to enable the
higher privilege level. You might specify a high level or privilege level for your console line to restrict line
usage.
Controlling Switch Access with Passwords and Privilege Levels
3
Controlling Switch Access with Passwords and Privilege Levels
Password Recovery
For example, if you want many users to have access to the clear line command, you can assign it level 2 security
and distribute the level 2 password fairly widely. But if you want more restricted access to the configure
command, you can assign it level 3 security and distribute that password to a more restricted group of users.
Command Privilege Levels
When you set a command to a privilege level, all commands whose syntax is a subset of that command are
also set to that level. For example, if you set the show ip traffic command to level 15, the show commands
and show ip commands are automatically set to privilege level 15 unless you set them individually to different
levels.
AES Password Encryption and Master Encryption Keys
You can enable strong, reversible 128-bit Advanced Encryption Standard (AES) password encryption, also
known as type-6 encryption. To start using type-6 encryption, you must enable the AES password encryption
feature and configure a master encryption key, which is used to encrypt and decrypt passwords.
After you enable AES password encryption and configure a master key, all existing and newly created clear-text
passwords for supported applications are stored in type-6 encrypted format, unless you disable type-6 password
encryption. You can also configure the device to convert all existing weakly encrypted passwords to type-6
encrypted passwords.
Type 0 and type 7 passwords can be autoconverted to type 6 if the AES password encryption feature and
master encryption key are configured.
Type 6 username and password are backward compatible to Cisco IOS XE Gibraltar 16.10.x. If you downgrade
to any release version lower than Cisco IOS XE Gibraltar 16.10.1, type 6 username and password will be
rejected. After autoconversion, to avoid an administrator password getting rejected during a downgrade,
migrate the passwords used for administrator logins (management access) to irreversible password types
manually.
Note
How to Control Switch Access with Passwords and Privilege
Levels
Setting or Changing a Static Enable Password
The enable password controls access to the privileged EXEC mode. Follow these steps to set or change a
static enable password:
SUMMARY STEPS
1. enable
2. configure terminal
3. enable password password
4. end
5. show running-config
Controlling Switch Access with Passwords and Privilege Levels
4
Controlling Switch Access with Passwords and Privilege Levels
AES Password Encryption and Master Encryption Keys
6. copy running-config startup-config
DETAILED STEPS
PurposeCommand or Action
Enables privileged EXEC mode.enable
Step 1
Example:
• Enter your password if prompted.
Device> enable
Enters global configuration mode.configure terminal
Example:
Step 2
Device# configure terminal
Defines a new password or changes an existing password
for access to privileged EXEC mode.
enable password password
Example:
Step 3
By default, no password is defined.
Device(config)# enable password secret321
For password, specify a string from 1 to 25 alphanumeric
characters. The string cannot start with a number, is case
sensitive, and allows spaces but ignores leading spaces. It
can contain the question mark (?) character if you precede
the question mark with the key combination Crtl-v when
you create the password; for example, to create the password
abc?123, do this:
a. Enter abc.
b. Enter Crtl-v.
c. Enter ?123.
When the system prompts you to enter the enable password,
you need not precede the question mark with the Ctrl-v;
you can simply enter abc?123 at the password prompt.
Returns to privileged EXEC mode.end
Example:
Step 4
Device(config)# end
Verifies your entries.show running-config
Example:
Step 5
Device# show running-config
Controlling Switch Access with Passwords and Privilege Levels
5
Controlling Switch Access with Passwords and Privilege Levels
Setting or Changing a Static Enable Password
PurposeCommand or Action
(Optional) Saves your entries in the configuration file.copy running-config startup-config
Example:
Step 6
Device# copy running-config startup-config
Protecting Enable and Enable Secret Passwords with Encryption
Follow these steps to establish an encrypted password that users must enter to access privileged EXEC mode
(the default) or any privilege level you specify:
SUMMARY STEPS
1. enable
2. configure terminal
3. Use one of the following:
• enable password [level level]
{password encryption-type encrypted-password}
• enable secret [level level]
{password encryption-type encrypted-password}
4. service password-encryption
5. end
6. show running-config
7. copy running-config startup-config
DETAILED STEPS
PurposeCommand or Action
Enables privileged EXEC mode.enable
Step 1
Example:
• Enter your password if prompted.
Device> enable
Enters global configuration mode.configure terminal
Example:
Step 2
Device# configure terminal
Use one of the following:
Step 3
• Defines a new password or changes an existing
password for access to privileged EXEC mode.
• enable password [level level]
{password encryption-type encrypted-password}
• Defines a secret password, which is saved using a
nonreversible encryption method.
Controlling Switch Access with Passwords and Privilege Levels
6
Controlling Switch Access with Passwords and Privilege Levels
Protecting Enable and Enable Secret Passwords with Encryption
PurposeCommand or Action
• (Optional) For level, the range is from 0 to 15.
Level 1 is normal user EXEC mode privileges.
• enable secret [level level]
{password encryption-type encrypted-password}
The default level is 15 (privileged EXEC mode
privileges).
Example:
Device(config)# enable password example102
• For password, specify a string from 1 to 25
alphanumeric characters. The string cannot start
or
with a number, is case sensitive, and allows
Device(config)# enable secret level 1 password
secret123sample
spaces but ignores leading spaces. By default, no
password is defined.
• (Optional) For encryption-type, the available
options for enable password are type 0 and type
7, and type 0, type 5, type 8, and type 9 for enable
secret. If you specify an encryption type, you
must provide an encrypted password—an
encrypted password that you copy from another
switch configuration.
If you specify an encryption type and then
enter a clear text password, you can not
re-enter privileged EXEC mode. You
cannot recover a lost encrypted password
by any method.
Note
(Optional) Encrypts the password when the password is
defined or when the configuration is written.
service password-encryption
Example:
Step 4
Encryption prevents the password from being readable in
the configuration file.
Device(config)# service password-encryption
Returns to privileged EXEC mode.end
Example:
Step 5
Device(config)# end
Verifies your entries.show running-config
Example:
Step 6
Device# show running-config
(Optional) Saves your entries in the configuration file.copy running-config startup-config
Example:
Step 7
Device# copy running-config startup-config
Controlling Switch Access with Passwords and Privilege Levels
7
Controlling Switch Access with Passwords and Privilege Levels
Protecting Enable and Enable Secret Passwords with Encryption
Disabling Password Recovery
Follow these steps to disable password recovery to protect the security of your switch:
Before you begin
If you disable password recovery, we recommend that you keep a backup copy of the configuration file on a
secure server in case the end user interrupts the boot process and sets the system back to default values. Do
not keep a backup copy of the configuration file on the switch. If the switch is operating in VTP transparent
mode, we recommend that you also keep a backup copy of the VLAN database file on a secure server. When
the switch is returned to the default system configuration, you can download the saved files to the switch by
using the Xmodem protocol.
SUMMARY STEPS
1. enable
2. configure terminal
3. system disable password recovery switch {all | <1-9>}
4. end
DETAILED STEPS
PurposeCommand or Action
Enables privileged EXEC mode.enable
Step 1
Example:
• Enter your password if prompted.
Device> enable
Enters global configuration mode.configure terminal
Example:
Step 2
Device# configure terminal
Disables password recovery.system disable password recovery switch {all | <1-9>}
Step 3
Example:
• all - Sets the configuration on switches in stack.
• <1-9> - Sets the configuration on the Switch Number
selected.
Device(config)# system disable password recovery
switch all
This setting is saved in an area of the flash memory that is
accessible by the boot loader and the Cisco IOS image, but
it is not part of the file system and is not accessible by any
user.
Returns to privileged EXEC mode.end
Example:
Step 4
Device(config)# end
Controlling Switch Access with Passwords and Privilege Levels
8
Controlling Switch Access with Passwords and Privilege Levels
Disabling Password Recovery
What to do next
To remove disable password recovery, use the no system disable password recovery switch all global
configuration command.
Setting a Telnet Password for a Terminal Line
Beginning in user EXEC mode, follow these steps to set a Telnet password for the connected terminal line:
Before you begin
• Attach a PC or workstation with emulation software to the switch console port, or attach a PC to the
Ethernet management port.
• The default data characteristics of the console port are 9600, 8, 1, no parity. You might need to press the
Return key several times to see the command-line prompt.
SUMMARY STEPS
1. enable
2. configure terminal
3. line vty 0 15
4. password password
5. end
6. show running-config
7. copy running-config startup-config
DETAILED STEPS
PurposeCommand or Action
enable
Step 1
If a password is required for access to privileged
EXEC mode, you will be prompted for it.
Note
Example:
Device> enable
Enters privileged EXEC mode.
Enters global configuration mode.configure terminal
Example:
Step 2
Device# configure terminal
Configures the number of Telnet sessions (lines), and enters
line configuration mode.
line vty 0 15
Example:
Step 3
There are 16 possible sessions on a command-capable
Device. The 0 and 15 mean that you are configuring all 16
possible Telnet sessions.
Device(config)# line vty 0 15
Sets a Telnet password for the line or lines.password password
Step 4
Controlling Switch Access with Passwords and Privilege Levels
9
Controlling Switch Access with Passwords and Privilege Levels
Setting a Telnet Password for a Terminal Line
PurposeCommand or Action
Example:
For password, specify a string from 1 to 25 alphanumeric
characters. The string cannot start with a number, is case
Device(config-line)# password abcxyz543
sensitive, and allows spaces but ignores leading spaces. By
default, no password is defined.
Returns to privileged EXEC mode.end
Example:
Step 5
Device(config-line)# end
Verifies your entries.show running-config
Example:
Step 6
Device# show running-config
(Optional) Saves your entries in the configuration file.copy running-config startup-config
Example:
Step 7
Device# copy running-config startup-config
Configuring Username and Password Pairs
Follow these steps to configure username and password pairs:
SUMMARY STEPS
1. enable
2. configure terminal
3. username name [privilege level] {password encryption-type password}
4. Use one of the following:
• line console 0
• line vty 0 15
5. login local
6. end
7. show running-config
8. copy running-config startup-config
DETAILED STEPS
PurposeCommand or Action
Enables privileged EXEC mode.enable
Step 1
Example:
• Enter your password if prompted.
Controlling Switch Access with Passwords and Privilege Levels
10
Controlling Switch Access with Passwords and Privilege Levels
Configuring Username and Password Pairs
PurposeCommand or Action
Device> enable
Enters global configuration mode.configure terminal
Example:
Step 2
Device# configure terminal
Sets the username, privilege level, and password for each
user.
username name [privilege level] {password
encryption-type password}
Step 3
Example:
• For name, specify the user ID as one word or the MAC
address. Spaces and quotation marks are not allowed.
Device(config)# username adamsample privilege 1
• You can configure a maximum of 12000 clients each,
for both username and MAC filter.
password secret456
• (Optional) For level, specify the privilege level the
user has after gaining access. The range is 0 to 15.
Device(config)# username 111111111111 mac attribute
Level 15 gives privileged EXEC mode access. Level
1 gives user EXEC mode access.
• For encryption-type, enter 0 to specify that an
unencrypted password will follow. Enter 7 to specify
that a hidden password will follow. Enter 6 to specify
an encrypted password will follow.
• For password, specify the password the user must enter
to gain access to the device. The password must be
from 1 to 25 characters, can contain embedded spaces,
and must be the last option specified in the username
command.
Enters line configuration mode, and configures the console
port (line 0) or the VTY lines (line 0 to 15).
Use one of the following:
Step 4
• line console 0
• line vty 0 15
Example:
Device(config)# line console 0
or
Device(config)# line vty 15
Enables local password checking at login time.
Authentication is based on the username specified in Step
3.
login local
Example:
Device(config-line)# login local
Step 5
Controlling Switch Access with Passwords and Privilege Levels
11
Controlling Switch Access with Passwords and Privilege Levels
Configuring Username and Password Pairs
PurposeCommand or Action
Returns to privileged EXEC mode.end
Example:
Step 6
Device(config)# end
Verifies your entries.show running-config
Example:
Step 7
Device# show running-config
(Optional) Saves your entries in the configuration file.copy running-config startup-config
Example:
Step 8
Device# copy running-config startup-config
Setting the Privilege Level for a Command
Follow these steps to set the privilege level for a command:
SUMMARY STEPS
1. enable
2. configure terminal
3. privilege mode level level command
4. enable password level level password
5. end
6. copy running-config startup-config
DETAILED STEPS
PurposeCommand or Action
Enables privileged EXEC mode.enable
Step 1
Example:
• Enter your password if prompted.
Device> enable
Enters global configuration mode.configure terminal
Example:
Step 2
Device# configure terminal
Sets the privilege level for a command.privilege mode level level command
Step 3
Controlling Switch Access with Passwords and Privilege Levels
12
Controlling Switch Access with Passwords and Privilege Levels
Setting the Privilege Level for a Command
PurposeCommand or Action
Example:
• For mode, enter configure for global configuration
mode, exec for EXEC mode, interface for interface
Device(config)# privilege exec level 14 configure
configuration mode, or line for line configuration
mode.
• For level, the range is from 0 to 15. Level 1 is for
normal user EXEC mode privileges. Level 15 is the
level of access permitted by the enable password.
• For command, specify the command to which you want
to restrict access.
Specifies the password to enable the privilege level.enable password level level password
Step 4
Example:
• For level, the range is from 0 to 15. Level 1 is for
normal user EXEC mode privileges.
Device(config)# enable password level 14
• For password, specify a string from 1 to 25
alphanumeric characters. The string cannot start with
SecretPswd14
a number, is case sensitive, and allows spaces but
ignores leading spaces. By default, no password is
defined.
Returns to privileged EXEC mode.end
Example:
Step 5
Device(config)# end
(Optional) Saves your entries in the configuration file.copy running-config startup-config
Example:
Step 6
Device# copy running-config startup-config
Changing the Default Privilege Level for Lines
Follow these steps to change the default privilege level for the specified line:
SUMMARY STEPS
1. enable
2. configure terminal
3. line vty line
4. privilege level level
5. end
6. copy running-config startup-config
Controlling Switch Access with Passwords and Privilege Levels
13
Controlling Switch Access with Passwords and Privilege Levels
Changing the Default Privilege Level for Lines
DETAILED STEPS
PurposeCommand or Action
Enables privileged EXEC mode.enable
Step 1
Example:
• Enter your password if prompted.
Device> enable
Enters global configuration mode.configure terminal
Example:
Step 2
Device# configure terminal
Selects the virtual terminal line on which to restrict access.line vty line
Example:
Step 3
Device(config)# line vty 10
Changes the default privilege level for the line.privilege level level
Step 4
Example:
For level, the range is from 0 to 15. Level 1 is for normal
user EXEC mode privileges. Level 15 is the level of access
permitted by the enable password.
Device(config)# privilege level 15
Returns to privileged EXEC mode.end
Example:
Step 5
Device(config)# end
(Optional) Saves your entries in the configuration file.copy running-config startup-config
Example:
Step 6
Device# copy running-config startup-config
What to do next
Users can override the privilege level you set using the privilege level line configuration command by logging
in to the line and enabling a different privilege level. They can lower the privilege level by using the disable
command. If users know the password to a higher privilege level, they can use that password to enable the
higher privilege level. You might specify a high level or privilege level for your console line to restrict line
usage.
Controlling Switch Access with Passwords and Privilege Levels
14
Controlling Switch Access with Passwords and Privilege Levels
Changing the Default Privilege Level for Lines
Logging into and Exiting a Privilege Level
Beginning in user EXEC mode, follow these steps to log into a specified privilege level and exit a specified
privilege level.
SUMMARY STEPS
1. enable level
2. disable level
DETAILED STEPS
PurposeCommand or Action
Logs in to a specified privilege level.enable level
Step 1
Example:
Following the example, Level 15 is privileged EXEC mode.
Device> enable 15
For level, the range is 0 to 15.
Exits to a specified privilege level.disable level
Step 2
Example:
Following the example, Level 1 is user EXEC mode.
Device# disable 1
For level, the range is 0 to 15.
Configuring an Encrypted Preshared Key
To configure an encrypted preshared key, perform the following steps.
SUMMARY STEPS
1. enable
2. configure terminal
3. key config-key password-encrypt [text]
4. password encryption aes
5. end
DETAILED STEPS
PurposeCommand or Action
Enables privileged EXEC mode.enable
Step 1
Example:
• Enter your password if prompted.
Device> enable
Enters global configuration mode.configure terminal
Example:
Step 2
Controlling Switch Access with Passwords and Privilege Levels
15
Controlling Switch Access with Passwords and Privilege Levels
Logging into and Exiting a Privilege Level
PurposeCommand or Action
Device# configure terminal
Stores a type 6 encryption key in private NVRAM.key config-key password-encrypt [text]
Step 3
Example:
• If you want to key in interactively (using the enter key)
and an encrypted key already exists, you will be
Device(config)# key config-key password-encrypt
prompted for the following: Old key, New key, and
Confirm key.
• If you want to key in interactively but an encryption
key is not present, you will be prompted for the
following: New key and Confirm key.
• If you want to remove the password that is already
encrypted, you will see the following prompt:
"WARNING: All type 6 encrypted keys will become
unusable. Continue with master key deletion?
[yes/no]:".
Enables the encrypted preshared key.password encryption aes
Example:
Step 4
Device(config)# password encryption aes
Exits global configuration mode and returns to privileged
EXEC mode.
end
Example:
Step 5
Device(config)# end
Monitoring Switch Access
Table 2: Commands for Displaying DHCP Information
Displays the privilege level configuration.show privilege
Configuration Examples for Setting Passwords and Privilege
Levels
Example: Setting or Changing a Static Enable Password
This example shows how to change the enable password to l1u2c3k4y5. The password is not encrypted and
provides access to level 15 (traditional privileged EXEC mode access):
Controlling Switch Access with Passwords and Privilege Levels
16
Controlling Switch Access with Passwords and Privilege Levels
Monitoring Switch Access
Device(config)# enable password l1u2c3k4y5
Example: Protecting Enable and Enable Secret Passwords with Encryption
This example shows how to configure the encrypted password $1$FaD0$Xyti5Rkls3LoyxzS8 for privilege
level 2:
Device(config)# enable secret level 2 5 $1$FaD0$Xyti5Rkls3LoyxzS8
Example: Setting a Telnet Password for a Terminal Line
This example shows how to set the Telnet password to let45me67in89:
Device(config)# line vty 10
Device(config-line)# password let45me67in89
Example: Setting the Privilege Level for a Command
This example shows how to set the configure command to privilege level 14 and define SecretPswd14 as the
password users must enter to use level 14 commands:
Device(config)# privilege exec level 14 configure
Device(config)# enable password level 14 SecretPswd14
Example: Configuring an Encrypted Preshared Key
The following is an example of a configuration for which a type 6 preshared key has been encrypted. It includes
the prompts and messages that a user might see.
Device> enable
Device# configure terminal
Device(config)# password encryption aes
Device(config)# key config-key password-encrypt
New key:
Confirm key:
Device(config)#
01:46:40: TYPE6_PASS: New Master key configured, encrypting the keys with
the new master key
Device(config)# end
Controlling Switch Access with Passwords and Privilege Levels
17
Controlling Switch Access with Passwords and Privilege Levels
Example: Protecting Enable and Enable Secret Passwords with Encryption
Additional References
Error Message Decoder
LinkDescription
https://www.cisco.com/cgi-bin/Support/Errordecoder/index.cgiTo help you research and resolve system
error messages in this release, use the Error
Message Decoder tool.
MIBs
MIBs LinkMIB
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco
MIB Locator found at the following URL:
http://www.cisco.com/go/mibs
Technical Assistance
LinkDescription
http://www.cisco.com/supportThe Cisco Support website provides extensive online resources, including
documentation and tools for troubleshooting and resolving technical issues
with Cisco products and technologies.
To receive security and technical information about your products, you can
subscribe to various services, such as the Product Alert Tool (accessed from
Field Notices), the Cisco Technical Services Newsletter, and Really Simple
Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website requires a Cisco.com user
ID and password.
Controlling Switch Access with Passwords and Privilege Levels
18
Controlling Switch Access with Passwords and Privilege Levels
Additional References
