Sometimes, you forget the password of the Cisco ASA, and you are not able to access the device via CLI and GUI. In that case, you need to do password recovery in order to access the device. You need to connect the ASA with Console cable. Below is the procedure on Cisco ASA 5545-X.
Step 1: Power cycle the ASA
Remove the power cable from power supply and put it back. Now, ASA will try to reboot.
Step 2: Enter into Rommon mode
When ASA reboots, you will see a message in console saying enter Escape key to enter to Rommon mode. Press Escape within 10 seconds, otherwise the device will be boot into user exec mode. When you successfully enter to the Rommon mode, you will see the below promt.
rommon #1>
Step 3: Change the config register value
Change the config register value to 0*41 by entering the below command. This will skip the startup config when the device boots. Please note that the default config register value of ASA is 0*1.
rommon #1>confreg 0*41
Step 4: Boot the device
Boot the device using “boot” command in Rommon mode.
rommon #2>boot
Step 5: Enter to privilege exec mode
Then the device will boot as if a new box without loading the existing config.
ciscoasa>enable
Password: <There is no password set, so hit enter>
ciscoasa#
Step 6: Copy the existing startup config to running config
ciscoasa# copy start run
Step 7: Reset the passwords
ciscoasa(config)#username <put the username> password <put the password>
ciscoasa(config)#Password <put the password>
ciscoasa(config)#enable password <put the password>
Step 8: revert the config register changes that we had set in Rommon mode
ciscoasa(config)#no config-register
Step 9: Save the config to startup memory.
ciscoasa#write memory
Now, you have successfully recovered the password. If you want to verify the config register value, then check the bottom of “show version” output.