Revision as of 13:52, 5 February 2024 edit Frap (talk \| contribs) Extended confirmed users, File movers, Pending changes reviewers, Rollbackers 35,597 edits mNo edit summary ← Previous edit		Revision as of 23:56, 29 March 2024 edit undo 2600:100c:b24b:d71c:5140:5650:2d8c:ead3 (talk) No edit summary Tags: Reverted Visual edit Mobile edit Mobile web edit Next edit →
Line 15: The [[Lightweight Extensible Authentication Protocol]] (LEAP) method was developed by [[Cisco Systems]] prior to the [[IEEE]] ratification of the [[802.11i]] security standard.<ref>{{cite magazine\|title=Ultimate wireless security guide: An introduction to LEAP authentication\|author=George Ou\|date=January 11, 2007\|url=http://www.techrepublic.com/article/ultimate-wireless-security-guide-an-introduction-to-leap-authentication/\|magazine= [[TechRepublic]] \|access-date = 2008-02-17}}</ref> Cisco distributed the protocol through the CCX (Cisco Certified Extensions) as part of getting 802.1X and dynamic [[Wired Equivalent Privacy\|WEP]] adoption into the industry in the absence of a standard. There is no native support for LEAP in any [[Windows operating system]], but it is widely supported by third-party client software most commonly included with WLAN (wireless LAN) devices. [[Lightweight Extensible Authentication Protocol\|LEAP]] support for Microsoft Windows 7 and Microsoft Windows Vista can be added by downloading a client add in from Cisco that provides support for both LEAP and EAP-FAST. Due to the wide adoption of LEAP in the networking industry many other WLAN vendors{{Who\|date=January 2015}} claim support for LEAP. LEAP uses a modified version of [[MS-CHAP]], an [[authentication]] protocol in which user credentials are not strongly protected and easily compromised; an exploit tool called ASLEAP was released in early 2004 by Joshua Wright.<ref>{{cite web\|title=Look Before You LEAP\|date=October 1, 2003\|author=Dan Jones\|url=http://www.unstrung.com/document.asp?doc_id=41185\|publisher=Unstrung\|access-date=2008-02-17\|url-status=dead\|archive-url=https://web.archive.org/web/20080209200945/http://www.unstrung.com/document.asp?doc_id=41185\|archive-date=February 9, 2008}}</ref> Cisco recommends that customers who absolutely must use LEAP do so only with sufficiently complex passwords, though complex passwords are difficult to administer and enforce. Cisco's current recommendation is to use newer and stronger EAP protocols such as EAP-FAST, ~~[[Protected Extensible Authentication Protocol\|~~PEAP]], or EAP-TLS. ==={{anchor\|EAP-TLS}}EAP Transport Layer Security (EAP-TLS)===

Extensible Authentication Protocol: Difference between revisions