Disabling password recovery capability

Password recovery capability controls console user access to the device configuration and SDRAM from Boot ROM menus.

If password recovery capability is enabled, a console user can access the device configuration without authentication to configure new passwords.

If password recovery capability is disabled, console users must restore the factory-default configuration before they can configure new passwords. Restoring the factory-default configuration deletes the next-startup configuration files.

To prevent illegal users to access the startup configuration files, disable password recovery capability.

Availability of Boot ROM menu options varies by password recovery capability setting. For more information, see the release notes.

To disable password recovery capability:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Disable password recovery capability.

undo password-recovery enable

By default, password recovery capability is enabled.