Content deleted Content added
m Dating maintenance tags: {{Citation needed}} |
|||
Line 40:
A CA certificate must be used at each client to authenticate the server to each client before the client submits authentication credentials. If the CA certificate is not validated, in general it is trivial to introduce a fake Wireless Access Point which then allows gathering of [[MS-CHAPv2]] handshakes.<ref name="Man-in-the-Middle in Tunneled Authentication Protocols">{{cite web|title=Man-in-the-Middle in Tunneled Authentication Protocols|url=//eprint.iacr.org/2002/163.pdf|publisher=Nokia Research Center|accessdate=14 November 2013}}</ref>
Several weaknesses have been found in MS-CHAPv2, some of which severely reduce the complexity of brute-force attacks making them feasible with modern hardware.{{Citation needed|date=November 2016}}
== PEAPv1 with EAP-GTC ==
| |||