Yrs, if you don't care about security and verification of server cert, then just username and password will work with PEAP. Some clients will throw up warning messages (that users ignore)..messages can be reduced by using a CA that is known by the clients. The above is not best practice under any security front alan
Alan Buxey <A.L.M.Buxey@lboro.ac.uk> wrote:
Yrs, if you don't care about security and verification of server cert, then just username and password will work with PEAP. Some clients will throw up warning messages (that users ignore)..messages can be reduced by using a CA that is known by the clients.
The above is not best practice under any security front
Oh yes, I just read the wikipedia about all that stuff about chap and pap and PEAP and MS-chapv2 and EAP and TLS and so on. This is heavy rock. Andreas
Hi,
Oh yes, I just read the wikipedia about all that stuff about chap and pap and PEAP and MS-chapv2 and EAP and TLS and so on. This is heavy rock.
its proper protection of credentials ..and proper trust/verification that you are sending your details to the right place (well, with PEAPv0/MSCHAPv2 you are only taking part in a challenge-response and the password itself is never divulged... unlike EAP-TTLS/PAP... alan
participants (3)
-
Alan Buxey -
alan buxey -
Andreas Meyer