What is the password authentication protocol?

The password authentication log is a way of sending passwords over the network. Passwords are sent unexpiched after the initial link with a remote computer. This protocol is not considered safe and is used only when connected to an older UNIX computer that does not support safer verification.

Initial connection is done using two -way handshake. Once the initial link is created and then a pair of ID/password is sent to a remote server. The verification application is sent repeatedly from the client until the application is confirmed or terminated. To accept the password, the remote server must hand over the password authentication log log using the Verification Code code. If the password is not accepted, the remote server must hand over the Password Verification Packet using the Authenticate-Nak code and the connection is terminated.

The password verification protocol is considered to be an uncertain method of transmission. Passwords are sent over a network in a simple text form and are easy to read from the log packets (PPp) point-to-point. There are no protective devices to ensure the password before sniffing the password, playing or attacks on trial and error. The client is also in charge of the frequency and timing of attempts to connect a password.

Password verification protocol has been overcome by more secure protocols such as Challenge Handshake Protocol (Chap) and Extenchans Authentication Protocol (EAP). More secure protocols are used by encryption techniques for verification purposes. Chap is used PPP servers. EAP uses wireless networks and Point-to-Point connection.

Handshake Challenge protocol verifies the client's identity through a three -way handshake and shared secrets. After establishing the initial link to the distancer, the client sends a message. The client calculates a one -way hash that combines challenge and secrets and sends the hash back to the server.

server checks the value againstIt confirms its own calculated value and, if coincided, confirms the connection. If the values ​​of the hash do not match, the connection is terminated. This procedure is repeated at random intervals, while the client and the server are connected.

The expandable verification protocol is a verification frame, not a real authentication protocol. EAP only defines the message format and provides common functions and negotiations of verification methods. There are a large number of EAP protocols defined by both requests for comments (RFC) and specific suppliers.