Lightweight Extensible Authentication Protocol: Difference between revisions

LEAP uses a modified version of [[MS-CHAP]], an [[authentication]] protocol in which user credentials are not strongly protected. Stronger authentication protocols employ a [[salt (cryptography)|salt]] to strengthen the credentials against eavesdropping during the authentication process. Cisco's [http://www.cisco.com/warp/public/707/cisco-sn-20030802-leap.shtml response] to the weaknesses of LEAP suggests that network administrators either force users to have stronger, more complicated [[passwords]] or move to another authentication protocol also developed by Cisco, [[EAP-FAST]], to ensure security.<ref>{{citeweb|title=Cisco Security Notice: Dictionary Attack on Cisco LEAP Vulnerability|url=http://www.cisco.com/warp/public/707/cisco-sn-20030802-leap.shtml|publisher=cisco.com|accessdate=2008-02-22}}</ref> Automated tools like [http://asleap.sourceforge.net/ ASLEAP] demonstrate the simplicity of getting unauthorized access in networks protected by LEAP implementations.