Which configuration must be used?

An engineer must configure the strongest password authentication to locally authenticate on a router.

Which configuration must be used?
A . username netadmin secret 5 $1$b1Ju$kZbBS1Pyh4QzwXyZ1kSZ2
B . username netadmin secret 9 $9$vFpMf8elb4RVV8$seZ/bDAx1uV
C . username netadmin secret $1$b1Ju$k406689705QzwXyZ1kSZ2
D . line Console 0
password $1$b1Ju$

View Answer

Answer: B

Explanation:

Scrypt is safer than MD5, so answer A is wrong and answer D is correct

R1(config)#username user secret ?

0 Specifies an UNENCRYPTED secret will follow

5 Specifies a MD5 HASHED secret will follow

8 Specifies a PBKDF2 HASHED secret will follow

9 Specifies a SCRYPT HASHED secret will follow

<0-9> Encryption types not explicitly specified

LINE The UNENCRYPTED (cleartext) user secret

LINE The UNENCRYPTED (cleartext) user secret

+ The enable password command should no longer be used. Use enable secret instead. username joeblow password mypass command should no longer be used. Use username joeblow secret mypass instead.

+ Type 4 Passwords should never be used!

+ Use Type 6, Type 8 and Type 9 wherever possible.

+ Type 0, Type 5 and Type 7 should be migrated to other stronger methods.

Reference: https://community.cisco.com/t5/networking-documents/understanding-the-differences-between-the-cisco-password-secret/ta-p/3163238