By default, all passwords that we configure on Cisco devices are in text form and can be easily readable.
Anyone with the access of device can run show command and can view or find passwords.
We can prevent this by encrypting all passwords on the Cisco device.
Command to encrypt all password on the device
Switch(config)# service password-encryption
Service password-encryption command applies to all passwords.
Service password-encryption prevents unauthorized user from viewing passwords in configuration file.