Password Authentication Protocol

A password authentication protocol (PAP) is an authentication protocol that uses a password.

PAP is used by Point to Point Protocol to validate users before allowing them access to server resources. Almost all network operating system remote servers support PAP.

PAP transmits unencrypted ASCII passwords over the network and is therefore considered insecure. It is used as a last resort when the remote server does not support a stronger authentication protocol, like CHAP or EAP (while the last is actually a framework).

Password-based authentication is the protocol that two entities share a password in advance and use the password as the basic of authentication. Existing password authentication scheme can be categorized into two types: weak-password authentication schemes and strong-password authentication schemes. In general, strong-password authentication protocols have the advantages over the weak-password authentication schemes in that their computational overhead are lighter, designs are simpler, and implementation are easier, and therefore are especially suitable for some constrained environments.

• Client sends username and password
• Server sends authentication-ack (if credentials are OK) or authentication-nak (otherwise)

PAP packet embedded in a PPP frame. The protocol field has a value of C023 (hex).

• CHAP - Challenge-Handshake Authentication Protocol
• EAP - Extensible Authentication Protocol
• RFC 1334 – PPP Authentication Protocols
• Password-authenticated key agreement protocols
• SAP - Service Access Point

This computer networking article is a stub. You can help Wikipedia by expanding it.

• v
• t
• e