For various reasons, I often find myself needing to decode a type 7 cisco password. There are many third party tools that can do this for you. This article describes a way to get IOS based routers to show the clear text type 7 password without the need for any third party applications.
To do this, simply copy a type 7 password that includes the password type identifier (“7”). Then create a key chain that contains a keystring using this same scrambled string of characters. If the key chain is shown, it displays the clear text password.
Below is an example of deciphering a type 7 password to its clear text equivalent, “cisco”.
R3(config)#do show run | sec vty
line vty 0 4
password 7 02050D480809
R3(config)#key chain breakpw
R3(config-keychain-key)#key-string 7 02050D480809
R3#show key chain breakpw
key 1 — text “cisco”
accept lifetime (always valid) – (always valid) [valid now]
send lifetime (always valid) – (always valid) [valid now]