[1] PAP intro on WiKi
[2] CHAP intro on WiKi
[3]
PAP transmits unencrypted ASCII passwords over the network and is therefore considered insecure. It is used as a last resort when the remote server does not support a stronger authentication protocol, like CHAP or EAP (the latter is actually a framework). [1]
CHAP requires that both the client and server know the plaintext of the secret, although it is never sent over the network.[2]
No comments:
Post a Comment