MS-CHAP is dead MS-CHAP has been in use since 1998. It was Microsoft's answer to the challenge of authenticating users over networks, built into every version of Windows and deeply embedded in VPN and Wi-Fi infrastru... Network Security Protocols
The RADIUS protocol: How it works and why it's secure Learn how security-by-design improvements have transformed RADIUS into a more secure protocol than the expensive platforms built on top of it. “Is RADIUS secure?” is one of the most common questions n... Network Security Protocols
How one-time passwords work One-time passwords (OTP) and multi-factor authentication (MFA) are important mechanisms used to improve security. Both these strategies can combine the username and password credentials with a one-tim... Network Security Protocols
RADIUS password compatibility This article covers password storage compatibility for RADIUS deployments. You'll findan overview of how the RADIUS protocol works here. In order for RADIUS authentication to work, user passwords need... Network Security Protocols
How authentication protocols work Choosing an authentication protocol is one of the most important decisions when designing a RADIUS ecosystem. There are a variety of authentication protocols to choose from, each with their own set of... Network Security Protocols
PAP vs CHAP: A complete security comparison PAP and CHAP are both RADIUS authentication protocols, but they trade off security in opposite places. PAP transmits passwords between the customer and the NAS in the clear, while allowing passwords t... Network Security Protocols
Is PAP secure? A complete analysis of PAP authentication security PAP is secure when used correctly. Despite the common claim that PAP sends passwords in clear text, in practice PAP passwords are encrypted by the RADIUS shared secret before transmission, and can be ... Network Security Protocols
Network authentication protocols: compatibility between systems and methods In many network configurations, there will be some transactions for which the RADIUS server will not perform the authentication itself, but simply pass credentials to a third-party system and rely on ... Network Security Protocols