Ideally, all passwords associated with your routers would be stored on an external AAA server; however, it is often necessary to locally store passwords on a router. If someone were to see that router’s running configuration, she would be able to see any of those passwords, if they were in clear text. Therefore, a best-practice security recommendation is to encrypt any passwords appearing in a router’s configuration.
Cisco IOS has a few different passwords that you might want to encrypt (or represent as a hash value), including the enable secret password, line password, and username password.
Enable Secret Password
The enable secret password can be used to give a network engineer full privileges on a router. This password ...