Password Authentication Protocol
<networking> (PAP) An authentication scheme used by PPP servers to
validate the identity of the originator of the connection.
PAP applies a two-way handshaking procedure. After the link is established the
originator sends an id-password pair to the server. If authentication succeeds
the server sends back an acknowledgement; otherwise it either terminates the
connection or gives the originator another chance.
PAP is not a strong authentication method. Passwords are sent over the circuit
"in the clear" and there is no protection against playback or repeated "trial
and error" attacks. The originator is in total control of the frequency and
timing of the attempts. Therefore, any server that can use a stronger
authentication method, such as CHAP, will offer to negotiate that method prior
to PAP. The use of PAP is appropriate, however, if a plaintext password must be
available to simulate a login at a remote host.
PAP is defined in RFC 1334.
(1996-03-23)
Nearby terms:
passive matrix display « passphrase « password «
Password Authentication Protocol » paste »
pastie » PAT
|
