Revision as of 08:17, 8 April 2016 edit LindsayH (talk \| contribs) Extended confirmed users, New page reviewers, Pending changes reviewers 33,413 edits m Reverted good faith edits by 122.2.12.149 (talk): Test edit? using TW ← Previous edit		Revision as of 12:52, 28 November 2016 edit undo Nimpo (talk \| contribs) 20 edits →PEAPv0 with EAP-MSCHAPv2 Next edit →
Line 40: A CA certificate must be used at each client to authenticate the server to each client before the client submits authentication credentials. If the CA certificate is not validated, in general it is trivial to introduce a fake Wireless Access Point which then allows gathering of [[MS-CHAPv2]] handshakes.<ref name="Man-in-the-Middle in Tunneled Authentication Protocols">{{cite web\|title=Man-in-the-Middle in Tunneled Authentication Protocols\|url=//eprint.iacr.org/2002/163.pdf\|publisher=Nokia Research Center\|accessdate=14 November 2013}}</ref> Several weaknesses have been found in MS-CHAPv2, some of which severely reduce the complexity of brute-force attacks making them feasible with modern hardware.{{Citation needed}} == PEAPv1 with EAP-GTC ==

Protected Extensible Authentication Protocol: Difference between revisions