Hello, I am trying to authenticate wifi users by using WPA enterprise. So far I have a script in the module folder: exec checkuser { wait = yes input_pairs = request output_pairs = reply program = "/etc/raddb/check-user.php -log -debug '%{User-Name}' '%{User-Password}' '%{NAS-IP-Address}' '%{Called-Station-Id}' '%{Calling-Station-Id}' '%{Chap-Password}'" shell_escape = yes } Where I pass the username and password. The script does the rest. It works properly. In my site-enables/default in the authorize section as the last check I have this: update control { Auth-Type := CheckUser } When I test it by using: # radtest adnan myPassword localhost 0 testing123 I clearly get in my log: Found Auth-Type = CheckUser # Executing group from file /etc/raddb/sites-enabled/default +- entering group CheckUser {...} [checkuser] expand: '%{User-Name}' -> 'adnan' [checkuser] expand: '%{User-Password}' -> 'myPassword ' [checkuser] expand: '%{NAS-IP-Address}' -> '172.20.4.1' [checkuser] expand: '%{Called-Station-Id}' -> '' [checkuser] expand: '%{Calling-Station-Id}' -> '' [checkuser] expand: '%{Chap-Password}' -> '' And the value for password is shown in the %{User-Password} variable. So it is passed to my PHP script for further checks. But when I try to login from my Android device I do not get the password, it is empty. I am using the following settings on my Android device, MSCHAPV2, and adding the identity (my username) and password. Is it possible to get the password in plain text from the remote device? I am missing some concept here, is there another way of authentication for WPA enterprise? All help is much appreciated. Regards, Adnan