Authentication Protocols: Your Guide to the Basics
This article provides an overview of three authentication protocols: Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), and Extensible Authentication Protocol (EAP). PAP is a simple, easily understood protocol that sends sensitive credentials repeatedly in plaintext, making it vulnerable to eavesdropping and man-in-the-middle attacks. CHAP requires both the server and client to run passwords through a hash function along with an OTP, offering more security than PAP but still sending payloads in cleartext. EAP is a flexible authentication framework that supports 40 different methods, including EAP-MD5, EAP-TLS, and EAP-FAST. Each method has its own pros and cons, with EAP-TLS being one of the most secure options.
Company: WorkOS
Date published: Oct. 14, 2020
Author(s):
Word count: 1165
Language: English
Hacker News points: None found.