Password Recovery Procedure for Cisco SG500 / SG300 Switches
Cisco documentation is out there for this, but searching for it generally only comes back with forum questions and responses. Here’s the consolidated information on how to easily break into a Cisco Small Business switch that has a console port. Generally this is limited to the SG300 and SG500 series switches. If you recall, the 200 series units don’t have a serial console port. This switch happens to be on SW version 1.3.0.03.
Set your serial console connection to 115000 baud, 8 data bits, no parity, 1 stop bit, no flow control, and fire up your favorite terminal program (SecureCRT, putty, etc). I’ve seen the console connection work at 9600 baud (like traditional routers and switches) but it seems to behave better at the Cisco recommended 115000 baud rate for these units.
Reboot the switch by unplugging the power cord. You will see a prompt during boot right after the Cisco logo made out of #s that says “Autoboot in 2 seconds – press RETURN or Esc. to abort and enter prom.”
Hit RETURN and you will get the following startup menu:
 Download Software
 Erase Flash File
 Password Recovery Procedure
 Set Terminal Baud-Rate
 Stack Menu
 System Mode menu
Enter your choice or press ‘ESC’ to exit:
Select “Password Recovery Procedure” by typing 3, and then hit enter
“Current Password will be ignored” will be displayed.
==== Press Enter To Continue ====
It will look like the switch is doing nothing, but just wait it will boot. Once at the prompt you will need to elevate to privilege mode.
Enter global configuration mode
If your switch has an existing configuration that you wish to keep (and only update the login credentials), be sure to first load the saved configuration into memory to update the existing user / password combination. This is a crucial step in gaining access back into your switch, otherwise you would essentially be performing a factory reset on the unit.
Switch# copy startup-config running-config
Create a new username and password combination (username can be whatever, password too so long as it meets complexity requirements)
Switch (config)#>username cisco password P@$$w0rd privilege 15
Save the password into the startup config
Switch#>copy run start
That will set a new password in the running (and startup config) so that you will be able to access the switch after a reboot.
Enter the following command to reboot the system so that you can log in with your new username and password (verifying it will work in subsequent reboots):
Once the switch powers up, login to verify and you’re all set!