10 February, 2014

Disable Password Recovery


IOS release 12.3T (and 12.4) introduced a great security feature:
the ability to disable password recovery (which relies on the well-known break key sequence)
with the no service password-recovery global configuration command.
However, once you configure this feature on some routers,
you might have no means whatsoever of regaining control of the device if you forget the password.

Switch3#show version | in password
The password-recovery mechanism is enabled.
Switch3#configure terminal
Switch3(config)#no service password-recovery
Switch3(config)#do show version | in password
The password-recovery mechanism is disabled.
Switch3(config)#end
Switch3#write
Switch3#reload

[ Send the break signal at this point ]

PASSWORD RECOVERY IS DISABLED.
Do you want to reset the router to factory default
configuration and proceed [y/n] ? y
Reset router configuration to factory default.

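Note: while password recovery is disabled, IOS refuses to set the configuration register to ignore the startup configuration:
Switch3(config)# config-register 0x2142
Password recovery is disabled, cannot enable diag or ignore configuration.

Re-enable password recovery first, and the same command is accepted:
Switch3(config)# service password-recovery
Switch3(config)# config-register 0x2142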
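
An added example (not part of the original post): a small Python audit over saved show version output that reports which devices have password recovery disabled and whether the configuration register has the ignore-startup-configuration bit (0x0040, as in 0x2142) set. The function name, the sample outputs and the running-config fallback are assumptions made for illustration.

```python
import re

IGNORE_STARTUP_BIT = 0x0040  # config-register bit 6: boot without startup-config

def audit_device(name, show_version, running_config=""):
    """Report password-recovery state and config register for one device."""
    result = {"device": name, "recovery_disabled": None,
              "config_register": None, "ignores_startup": None, "notes": []}

    # Status line as printed in the session above.
    m = re.search(r"password-recovery mechanism is (enabled|disabled)",
                  show_version, re.IGNORECASE)
    if m:
        result["recovery_disabled"] = m.group(1).lower() == "disabled"
    elif running_config.strip():
        # Assumed fallback when the status line is absent: look for the command.
        lines = [l.strip() for l in running_config.splitlines()]
        result["recovery_disabled"] = "no service password-recovery" in lines

    # A pending value ("will be ... at next reload") is what the next boot uses.
    m = re.search(r"Configuration register is (0x[0-9A-Fa-f]+)"
                  r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?",
                  show_version)
    if m:
        value = int(m.group(2) or m.group(1), 16)
        result["config_register"] = f"0x{value:04X}"
        result["ignores_startup"] = bool(value & IGNORE_STARTUP_BIT)

    if result["recovery_disabled"]:
        result["notes"].append("lost password means factory reset: "
                               "verify an off-box config backup exists")
    if result["ignores_startup"]:
        result["notes"].append("next boot skips startup-config")
    if result["recovery_disabled"] is None:
        result["notes"].append("password-recovery state unknown")
    return result

# Constructed sample outputs (not captured from a real device).
SWITCH3 = """Switch3 uptime is 2 weeks
The password-recovery mechanism is disabled.
Configuration register is 0xF
"""
ROUTER1 = """Router1 uptime is 5 days
Configuration register is 0x2102 (will be 0x2142 at next reload)
"""

if __name__ == "__main__":
    for dev, ver, cfg in [("Switch3", SWITCH3, ""),
                          ("Router1", ROUTER1, "hostname Router1\n")]:
        print(audit_device(dev, ver, cfg))
```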