The client uses profile files ('''*.pcf'''),inthat whichstore anVPN encryptedpasswords passwordeither for[[Cryptographic thehash VPNfunction|hashed]] networkwith is[[type usually7]], or stored as [[cleartext]]. A vulnerability has been identified,<ref name="cSec">{{cite web|url=http://www.cisco.com/warp/public/707/cisco-sn-20040415-grppass.shtml|title=Cisco Security Notice: Cisco IPsec VPN Implementation Group Password Usage Vulnerability}}</ref> and those passwords can easily be decoded using software or online services.<ref>{{cite web|url=http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode|title=Cisco Systems VPN Client Group Password Decoder}}</ref> To workaround these issues, network administrators are advised to use the Mutual Group Authentication feature, or use unique passwords (that aren't related to other important network passwords).<ref name="cSec"/>
