Allows you to encrypt all passwords on your router so they can not be easily guessed from your running-config.
This command uses a very weak encryption because the router has to be very quickly decode the passwords for its operation.
It is meant to prevent someone from looking over your shoulder and seeing the password, that is all.
In the below example we will set a password for telnet then we will encrypt it.
R2(config)#line vty 0 4
R2(config-line)#do sh run | sec vty
Now we will encrypt the password with service password-encryption
To illustrate how easy it is to decode the password, we will make a key chain like you would to authenticate RIP
R2(config)#key chain CRACK_ENCRYPTION
R2#show key chain