The authentication process in this protocol is always initializedinitiated by the server/host and can be performed anytime during the session, even repeatedly. ServerThe server sends a random string (usually 128B long). The client uses the password and the string received as parametersinput forto MD5a hash function and then sends the result together with username in plain text. ServerThe server uses the username to apply the same function and compares the calculated and received hash. An authentication is successful orwhen the calculated and received hashes unsuccessfulmatch.
