How does the service password-encryption command enhance password security?

• A. It generates a random password for each user on the device.
• B. It encrypts passwords stored in configuration files to protect them.
• C. It disables password requirements entirely for management access.
• D. It allows multiple users to share the same password securely.

Answer: (B)

The service password-encryption command enhances password security by encrypting passwords that are stored in the device's configuration files. This means that plain text passwords, which would otherwise be visible in the configuration, are transformed into a more secure format that is not easily readable. By doing so, this command helps protect sensitive information from unauthorized access whenever someone views the device's configuration. This encryption serves as an essential security measure, especially in scenarios where the configuration files may be exposed to individuals who should not access the sensitive passwords.

In contrast, other methods presented do not improve password security. Generating random passwords is not a function of this command, and disabling password requirements would actually reduce security, not enhance it. Likewise, sharing a single password among multiple users does not contribute to security, as it can lead to accountability issues and the risk of the password being compromised.