Password Authentication Protocol

Also found in: Acronyms, Wikipedia.

Password Authentication Protocol

(PAP) An authentication scheme used by PPP servers to validate the identity of the originator of the connection.

PAP applies a two-way handshaking procedure. After the link is established the originator sends an id-password pair to the server. If authentication succeeds the server sends back an acknowledgement; otherwise it either terminates the connection or gives the originator another chance.

PAP is not a strong authentication method. Passwords are sent over the circuit "in the clear" and there is no protection against playback or repeated "trial and error" attacks. The originator is in total control of the frequency and timing of the attempts. Therefore, any server that can use a stronger authentication method, such as CHAP, will offer to negotiate that method prior to PAP. The use of PAP is appropriate, however, if a plaintext password must be available to simulate a login at a remote host.

PAP is defined in RFC 1334.
Mentioned in ?
References in periodicals archive ?
Based on the above analysis, one-time password authentication protocol has characteristics of simple designation, lightweight computational overhead and high efficiency, which are suitable for Ad hoc network.
In response to an increasing emphasis on tight security, especially for remote users linking back to corporate enterprise networks, the Prestige models feature a password-protected system management terminal; user authentication by the Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP) for PPP links between routers; and PPP call back that allows only authorized analog dial-up WAN connections to a network.
The iSharer201 also acts as a firewall between the LAN and the Internet, maintaining security via Password Authentication Protocol (PAP) and the Challenge Handshake Authentication Protocol (CHAP).
In addition, each data packet is encrypted using industry-standard encryption algorithms including Microsoft Point-to-Point Encryption (MPPE) and authentication methods such as Challenge Handshake Authentication Protocol (MS-CHAP) and Password Authentication Protocol (PAP).
For initial dial-in security, the LRS32F supports the Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP).