How to Reset Your Cisco 9300 Switch Password

There are three main reasons you may need to reset your Cisco Catalyst 9300 series switch password: either you’re locked out, your admin is longer with the company, or you’re trying to erase proprietary information from the switch. 

The first scenario is the most dire… if no one knows the password to your switch, you’re in for a bad time. Why? We’ll discuss lockouts and ways to avoid this catastrophe in this blog. 

What is a Cisco Switch and How Does it Work?

Traditional wired networks have routers and switches. Switches connect people to other people in a network, and routers connect people to the internet. 

Cisco 9300 switches are designed for the enterprise environment. They are typically used for IoT, access, security, cloud, and mobility purposes. 

Related reading: How To Configure A Cisco Catalyst 9300 Switch 

How to Reset the Cisco Default Switch Password

Back in the day, the Cisco default username and password used to be “cisco.” Username “cisco,” password “cisco.” Easy enough, and for that reason, many admins still choose this combo for their switches today. Some admins get more literal and choose the “admin admin” combo. 

So, our first piece of advice would be to try one of these default credentials.

Password Recovery for Cisco 9300 Switch

What happens when your admin chooses something more secure (as they should)? The good news is that you can now salvage configurations while also resetting the password.

If there are no backups of the switch’s information, including the password, it’s time for a 9300 factory reset.

How To Complete A Factory Reset For Cisco 9300

**Please note, your switch must be physically disconnected from a stack for the following instructions to work.

Recovering from a Lost or Forgotten Password

1. Connect a terminal or PC to the switches Console port.

2.Connect power

3. Once the ‘System Bootstrap’ message appears, press and hold the Mode button

4. Bypass the stored startup-config with the following command:

switch: SWITCH_IGNORE_STARTUP_CFG=1 [enter]

**ROMMON is case sensitive

5. Locate the switch image you wish to boot

switch: dir flash: [enter]


switch: boot flash: <file name> [enter]

the switch will boot normally and end in switch>

6. Erase all configuration files – to retain prior configuration, please scroll down to 7.

Switch>en [enter]

Switch#erase startup-config [enter]

Switch#reload [enter]

Recovering from a Lost or Forgotten Password – Retaining previous configuration

7. Bypass the startup configuration

Switch>en [enter]

Switch#copy startup-config running-config [enter]

Switch#config t [enter]

Switch (config) #enable secret YOUR-PASSWORD [enter]

Switch (config) #no system ignore startupconfig switch all [enter]

Switch#exit [enter]

Switch#copy running-config startup-config [enter]

Switch#reload [enter]

What happens to my 9300 switch during a factory reset?

This procedure resets the switch to Day 0. What does this mean? You’re going to lose all the configurations and information on your switch. The only thing you won’t lose is the IOS required for the switch to function. 

Recommended Routine Maintenance for Cisco 9300

The long and the short of it is there isn’t any routine maintenance required for these switches, which makes this class of hardware great. Once it’s configured and running in a production environment, there is little concern unless something catastrophic occurs, like a weather event or other act of God. 

Cisco will tell you to stay on top of regular updates to protect your switches from security exploits, but here’s our two cents: It’s impossible to stay on top of every single security exploit, especially at the rate they are released. We would argue that it’s more important to keep your routers and firewalls up to date because they are the moat around your castle. If they get past these devices, they’re in. 

Security updates for access switches are not as critical. If they are functioning as they should in your production environment, there is no maintenance.

Cisco 9300 Switch Best Practices

The best thing you can do to avoid a 9300 password reset is to maintain a database of configurations for recovery purposes. If you have a backup of the configuration, a good solutions provider can ship out a pre-configured switch with next-day delivery, limiting your downtime. 

Other business ramifications of resetting a working switch because of password loss:

• Requires work during a maintenance window
• Lost configurations (some you knew, some you didn’t anticipate)
• Rebuild of configs completed in an uncertain amount of time (you don’t know what you don’t know)
• Costs associated with business downtime

Optimize Your Network Maintenance with Edgeium

We get it — people lose passwords. A top-tier solutions partner is there when you’re in crisis. When you use Edgeium’s CovrEdge, you can add your switch configurations per serial device to our portal. In the event of a switch password reset or switch failure, we can preload a switch with your configurations and have it to you the following day.