Am 07.03.25 um 13:46 schrieb Alan DeKok:
If people tell you that MS-CHAP is more secure because "it doesn't send passwords in clear-text", they're either incompetent or lying. PAP is pretty much always better than CHAP or MS-CHAP. Agreed. In real life,it turns out that, as a remainder of the MS monopoly, _all_ vendors of WiFi clients MUST support and test MS-CHAPv2 properly to survive commercially -- counterexamples welcome :-) They MAY support PAP in addition. With a server side not speaking MS-CHAPv2, odds are your life gets harder, especially if you're running a BYOD service.
Cheers, Martin -- Dr. Martin Pauly Phone: +49-6421-28-23527 HRZ Univ. Marburg Fax: +49-6421-28-26994 Hans-Meerwein-Str. E-Mail: pauly@HRZ.Uni-Marburg.DE D-35032 Marburg