Reset Cisco 2960 switch password without losing configurations

It is quite embarrassing when you are trying to re-configure your switch and unable to remember what the password is. Yes, i am not good at remembering password since I got to manage lots of devices.

Okay, let’s get back to the point, how to reset the password of the switch and not losing existing configurations? well…see my notes below, if you are the one who has encountered the same problem!

First, power off the switch and connect the console cable to the port on the back of the switch. The parameter for your terminal emulator should be set to as followings:

Baud rate: 9600
Data bits: 8
Stop bits: 1
No parity
None flow control

Then power on the switch and keep holding the “mode” button on the front panel until seeing the screen below:

Using driver version 1 for media type 1
Using driver version 1 for media type 2
Base ethernet MAC Address: a4:0c:c3:f1:d8:00
Xmodem file system is available.
The password-recovery mechanism is enabled.
The system has been interrupted prior to initializing the
flash filesystem. The following commands will initialize
the flash filesystem, and finish loading the operating
system software:

Enter flash_init to init the flash system and you will see the ouput on your screen likes below:

-- MORE --
mifs[8]: 5 files, 1 directories
mifs[8]: Total bytes : 524288
mifs[8]: Bytes used : 9216
mifs[8]: Bytes available : 515072
mifs[8]: mifs fsck took 1 seconds.
mifs[9]: 12 files, 3 directories
mifs[9]: Total bytes : 57671680
mifs[9]: Bytes used : 19113472
mifs[9]: Bytes available : 38558208
mifs[9]: mifs fsck took 41 seconds.
...done Initializing Flash.

Type “dir flash:” to list files and directories on the current flash system:

switch: dir flash:
Directory of flash:/
    2  -rwx  676       <date>               vlan.dat
3 -rwx 2239 <date> config.text
4 drwx 512 <date> crashinfo_ext
6 -rwx 156 <date> express_setup.debug
7 -rwx 5 <date> private-config.text
8 drwx 512 <date> crashinfo
11 -rwx 556 <date> vlan.dat.renamed
12 -rwx 18591722 <date> c3750e-universalk9-mz.150-1.SE3.bin
13 -rwx 4973 <date> config.text.renamed
14 -rwx 5 <date> private-config.text.renamed
15 -rwx 2072 <date> multiple-fs
38558208 bytes available (19113472 bytes used)

In order to backup our existing configuration file, type the following command:

rename flash:config.text flash:config.text.old

The issue “boot” to continue the boot up process. After finished booting process, you will see the screen below and just type “no” to skip switch re-configuration process.

--- System Configuration Dialog ---
Enable secret warning
In order to access the device manager, an enable secret is required
If you enter the initial configuration dialog, you will be prompted for the enable secret
If you choose not to enter the intial configuration dialog, or if you exit setup without setting the enable secret,
please set an enable secret using the following CLI in configuration mode-
enable secret 0 <cleartext password>
Would you like to enter the initial configuration dialog? [yes/no]:
% Please answer 'yes' or 'no'.
Would you like to enter the initial configuration dialog? [yes/no]:no

Then enter the enable mode and rename the configuration file back to its original name. After all, copy the configuration into memory:

Switch#rename flash:config.text.old flash:config.text
Destination filename [config.text]?
Switch#copy flash:config.text system:running-config
Destination filename [running-config]?

Then we can start to change the password by:

*Mar 1 00:05:14: %LINK-5-CHANGED: Interface FastEthernet0, changed state to administratively down
*Mar 1 00:05:15: %LINK-5-CHANGED: Interface Vlan1, changed state to administratively down
FA_TPE#conf t
Enter configuration commands, one per line. End with CNTL/Z.
FA_TPE(config)#enable secre
FA_TPE(config)#enable secret
FA_TPE(config)#enable secret
FA_TPE(config)#enable secret your_new_password_here
FA_TPE#write memory

And we are done here. Issue “reload” and then we can manage our switch with the new password. Cheers!