"Best" authentication mechanisms for Wi-Fi
Phil Mayers
p.mayers at imperial.ac.uk
Tue May 5 12:22:56 CEST 2015
On 05/05/15 10:12, Hoggins! wrote:
> Do you think that we could find a more "universal" combination that even
> "old" Windows clients would be compatible with ?
As others have stated: for Windows 7 and earlier, the only built-in
username/password auth method is PEAP with MSCHAP inner, which requires
NT hashed passwords.
The other alternatives are to install software onto those platforms that
supports TTLS with PAP, or to use EAP-TLS with client certificates. Both
have a deployment burden.
There is no easy option here, I'm afraid.
More information about the Freeradius-Users
mailing list