Many access control systems rely upon password-based mechanisms to implement "something you know" security. One of the common applications of password security is to secure virtual private networks and other remote access technologies. In this video, learn how password authentication works, including the CHAP and PAP protocols.
- [Narrator] Many access control systems…rely upon password-based mechanisms…to implement something you know security.…One of the most common applications of password security…is to secure virtual private networks…and other remote access technologies.…Let's take a look at the protocols used…to implement remote access password security.…The password authentication protocol, or PAP,…is the earliest of these protocols.…In this protocol the client wishes…to authenticate to a server,…and both the client and server know the user's password.…
The client simply transmits the username and password…to the server and the server validates the password.…That's about as simple as it gets,…and successfully implements password authentication.…But there's one major flaw to this protocol.…PAP does not use any encryption…to protect this communication.…Anyone able to eavesdrop on the connection…can read the username and password…right off the network.…For this reason, PAP should not be used…except under circumstances where the transmission…
To join one of Mike's free study groups for access to bonus tips and practice questions, visit certmike.com.
- Identity and access management
- Using access cards and biometrics
- Multifactor authentication
- Password authentication protocols
- Device authentication
- Identity management life cycle
- Access control lists
Skill Level Intermediate
Q: This course was updated on 05/18/2018. What changed?
A: New videos were added that cover subject/object model. In addition, the following topics were updated: registration and identity proofing, SSO and federation, and advanced authorization concepts.