{"id":1488,"date":"2025-06-09T06:06:36","date_gmt":"2025-06-09T06:06:36","guid":{"rendered":"https:\/\/www.certexams.com\/Blog\/?p=1488"},"modified":"2025-06-09T06:06:36","modified_gmt":"2025-06-09T06:06:36","slug":"certexams-com-ccna-labs-configuring-router-console-password","status":"publish","type":"post","link":"https:\/\/www.certexams.com\/Blog\/2025\/06\/09\/certexams-com-ccna-labs-configuring-router-console-password\/","title":{"rendered":"Certexams.com CCNA Labs – Configuring Router Console Password"},"content":{"rendered":"

Configuring a console password on a Cisco IOS router is a fundamental security step to prevent unauthorized physical access to the device. Here’s how you do it:<\/p>\n

Command Steps:<\/strong><\/p>\n

    \n
  1. Enter Global Configuration Mode:<\/strong>\u00a0You start by entering the global configuration mode from the privileged EXEC mode.\n
    \n
    Cisco CLI<\/div>\n
    \n
    \n
    Router> enable\r\nRouter# configure terminal\r\nRouter(config)#\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<\/li>\n
  2. Access the Console Line:<\/strong>\u00a0You need to specify that you are configuring the console line (line 0).\n
    \n
    Cisco CLI<\/div>\n
    \n
    \n
    Router(config)# line console 0\r\nRouter(config-line)#\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<\/li>\n
  3. Set the Password:<\/strong>\u00a0This command sets the password for console access.\n
    \n
    Cisco CLI<\/div>\n
    \n
    \n
    Router(config-line)# password <your_console_password>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n
    Replace\u00a0<your_console_password><\/code>\u00a0with the password you want to set.<\/em><\/li>\n
  4. Enable Login:<\/strong>\u00a0This command tells the router to require a password for console access. Without this command, the password won’t be enforced.\n
    \n
    Cisco CLI<\/div>\n
    \n
    \n
    Router(config-line)# login\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<\/li>\n
  5. Set an Executive Timeout (Optional but Recommended):<\/strong>\u00a0This command automatically logs out an inactive console session after a specified time. This is good practice to prevent someone from leaving a console session open.\n
    \n
    Cisco CLI<\/div>\n
    \n
    \n
    Router(config-line)# exec-timeout <minutes> <seconds>\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n
    Example:\u00a0exec-timeout 10 0<\/code>\u00a0(logs out after 10 minutes of inactivity)<\/em><\/li>\n
  6. Exit Configuration Modes:<\/strong>\n
    \n
    Cisco CLI<\/div>\n
    \n
    \n
    Router(config-line)# exit\r\nRouter(config)# exit\r\nRouter#\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<\/li>\n
  7. Save the Configuration:<\/strong>\u00a0To ensure the password persists after a router reload, you must save the running configuration to the startup configuration.\n
    \n
    Cisco CLI<\/div>\n
    \n
    \n
    Router# write memory\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n
    Or the shorter command:<\/p>\n
    \n
    Cisco CLI<\/div>\n
    \n
    \n
    Router# copy running-config startup-config\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n<\/li>\n<\/ol>\n
    Example Configuration Script:<\/strong><\/p>\n
    \n
    Cisco CLI<\/div>\n
    \n
    \n
    Router> enable\r\nRouter# configure terminal\r\nRouter(config)# line console 0\r\nRouter(config-line)# password MyC0ns0leP@ssw0rd!\r\nRouter(config-line)# login\r\nRouter(config-line)# exec-timeout 10 0\r\nRouter(config-line)# exit\r\nRouter(config)# exit\r\nRouter# write memory\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n<\/div>\n
    Verification:<\/strong><\/p>\n
    To test if the console password is set, save the configuration, and then try to log in to the console again (either by physically disconnecting and reconnecting the console cable, or by reloading the device if it’s a lab environment). You should be prompted for the console password before getting to the user EXEC mode (Router><\/code>).<\/p>\n
    Important Considerations:<\/strong><\/p>\n