NTLM hashed passwords.

freeradius-users at latter.org freeradius-users at latter.org
Fri Jul 15 19:20:25 CEST 2016

On 15/07/16 16:52, Arran Cudbard-Bell wrote:
> No. All modern supplicants and authentication clients use MSCHAPv2.

Sounds promising.

> The most common applications are PEAPv0 and PPTP.
> There's not a huge advantage in storing unsalted MD4 hashed passwords.

In terms of security?  It ticks the box marked "did the best we could".
And it does protect those who use long passwords.  And we might yet
enforce stricter password strengths - the original rules were designed
to deal with (slow) *on-line* attacks.

More information about the Freeradius-Users mailing list