PAP transmits unencrypted ASCII passwords over the network and is therefore considered insecure. It is used as a last resort when the remote server does not support a stronger authentication protocol, like CHAP or EAP (while the last is actually a framework).
|Description||1 byte||1 byte||2 bytes||1 byte||Variable||1 byte||Variable|
|Authentication-request||Code = 1||ID||Length||Username length||Username||Password length||Password|
|Authentication-ack||Code = 2||ID||Length||Message length||Username|
|Authentication-nak||Code = 3||ID||Length||Message length||Username|
|Flag||Address||Control||Protocol (C023 (hex))||Payload (table above)||FCS||Flag|
US Patent Issued to iPass on April 5 for "Method and System for Securely Authenticating Network Access Credentials for Users" (California Inventors)
Apr 06, 2011; ALEXANDRIA, Va., April 6 -- United States Patent no. 7,921,290, issued on April 5, was assigned to iPass Inc. "Method and System...
SANs more menaced from within than without: security is a people thing.(Connectivity)(Storage area networks)
Feb 01, 2004; The current turmoil about data security pervades public entities, private enterprises, and the SMB world alike. On the enterprise...