Secure Storage and Transport of User Credentials

Marco Macala marco.macala at
Wed Jul 11 14:37:35 CEST 2012

The problem is, that I do not trust the network and I don't want to store
the password in plain.

Also, isn't the NT Hash insecure beacuse it is easily cracked? Or am i
mixing things up?

2012/7/11 alan buxey <A.L.M.Buxey at>

> Hi,
> >    is there a way to securely transport and store the Username/Password
> with
> >    freeradius?
> >    If I am informed correctly, you can use PEAP to ensure that the data
> is
> >    encrypted but the most supported PEAP mode is with MSCHAPv2 which
> implies
> >    that the passwords are stored in clear text or NT-Hash.
> ....PEAP will securely transport things - as with MSCHAPv2 the password is
> never sent.
> whether the passwords are stored in plain/nt-has format is down to how you
> are doing things..
> if they are stored in AD then they are not stored in a plain format.
> alan
> -
> List info/subscribe/unsubscribe? See
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list