On Jul 15, 2016, at 1:20 PM, freeradius-users@latter.org wrote:
On 15/07/16 16:52, Arran Cudbard-Bell wrote:
No. All modern supplicants and authentication clients use MSCHAPv2.
Sounds promising.
The most common applications are PEAPv0 and PPTP.
There's not a huge advantage in storing unsalted MD4 hashed passwords.
In terms of security? It ticks the box marked "did the best we could".
No, the best you could would be to use EAP-TLS, because PEAP and TTLS are horrifically insecure in their current OSX and Windows implementations.
And it does protect those who use long passwords.
Not really, you just need to find a collision, the length of the password doesn't matter for that type of attack. It does stop an attacker using the collided password with another service, that's about it. -Arran