With a factory configuration a Cisco router, switch or access point comes without any serial console setup. This means connect a serial console to your laptop (I use a Serial-2-USB adapter) and you're in. To protect the Cisco console from this some commands have to be set to get a user and password prompt to log in. The method I'm using is with Cisco's new AAA model (Authentication, Authorization and Accounting) and a group.
In my opinion using aaa new-model now gives later a benefit if I want to move to RADIUS or TACACS. Also to use AAA groups is quite simple.
rtr-881(config)# aaa new-model rtr-881(config)# aaa authentication login grp.console local-case rtr-881(config)# aaa authorization console
rtr-881(config)# username [user] secrect [secretpassword]
After I created the AAA ground and the user I am going to apply it to line con 0 as shown below.
rtr-881(config)# line con 0 rtr-881(config-line)# login authentication grp.console rtr-881(config-line)# exit rtr-881(config)# exit
Press RETURN to get started. User Access Verification Username: [user] Password: [secretpassword]
If you set up logins with RADIUS or TACACS, just put the AAA group for RADIUS or TACACS in line con 0. Don't forget to wr mem after a successful test.