The client uses profile files (*.pcf) that store VPN passwords either [[Cryptographic hash function|hashed]] with [[type 7]], or stored as [[cleartext]]. A vulnerability has been identified,<ref name="cSec">{{cite web|url=http://www.cisco.com/warp/public/707/cisco-sn-20040415-grppass.shtml|title=Cisco Security Notice: Cisco IPsec VPN Implementation Group Password Usage Vulnerability}}</ref> and those passwords can easily be decoded using software or online services.<ref>{{cite web|url=http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode|title=Cisco Systems VPN Client Group Password Decoder}}</ref> To work around these issues, network administrators are advised to use the Mutual Group Authentication feature, or use unique passwords (that aren't related to other important network passwords).<ref name="cSec"/>
