Password Authentication Protocol (PAP) is a simple authentication protocol used to authenticate a user to a network access server, such as those operated by Internet service providers. PAP is used by the Point-to-Point Protocol (PPP). Authentication is the process of validating a user who is accessing resources. Almost all network operating system remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore considered insecure. It is used as a last resort when the remote server does not support a stronger authentication protocol such as CHAP or EAP (the latter is actually a framework).
Working cycle
- Client sends username and password
- Server sends authentication-ack (if credentials are OK) or authentication-nak (otherwise)
PAP Packets
Description | 1 byte | 1 byte | 2 bytes | 1 byte | Variable | 1 byte | Variable |
---|---|---|---|---|---|---|---|
Authentication-request | Code = 1 | ID | Length | Username length | Username | Password length | Password |
Authentication-ack | Code = 2 | ID | Length | Message length | Username | | |
Authentication-nak | Code = 3 | ID | Length | Message length | Username | | |
PAP packet embedded in a PPP frame. The protocol field has a value of C023 (hex).
Flag | Address | Control | Protocol (C023 (hex)) | Payload (table above) | FCS | Flag |
---|---|---|---|---|---|---|
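The packet layout above can be decoded directly from a captured PPP payload, which is why PAP credentials are exposed to anyone who can observe the link. The following Python sketch is an added example, not code from the original page: it parses the three packet types with strict length checks and produces an audit line that flags the cleartext exposure without copying the password. The function names and sample values are constructed for illustration, and the variable field in ack/nak packets is decoded as free text under the key `message`, following RFC 1334.

```python
import struct

PPP_PROTO_PAP = 0xC023  # PPP protocol field value stated on this page
CODES = {1: "Authentication-request", 2: "Authentication-ack", 3: "Authentication-nak"}

def build_request(ident, username, password):
    """Encode an Authentication-request: Code, ID, Length, two length-prefixed fields."""
    body = bytes([len(username)]) + username + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, ident, 4 + len(body)) + body

def _take(buf, off):
    """Read one field prefixed by a 1-byte length; reject lengths that overrun the packet."""
    if off >= len(buf):
        raise ValueError("missing length byte")
    end = off + 1 + buf[off]
    if end > len(buf):
        raise ValueError("field length overruns packet")
    return buf[off + 1:end], end

def parse_pap(protocol, payload):
    """Decode the payload of a PPP frame carrying PAP; ValueError on malformed input."""
    if protocol != PPP_PROTO_PAP:
        raise ValueError("not a PAP frame")
    if len(payload) < 4:
        raise ValueError("truncated header")
    code, ident, length = struct.unpack("!BBH", payload[:4])
    if code not in CODES or not 4 <= length <= len(payload):
        raise ValueError("bad Code or Length")
    pkt = payload[:length]  # bytes past Length are padding and are ignored
    out = {"type": CODES[code], "id": ident}
    first, off = _take(pkt, 4)
    if code == 1:
        second, off = _take(pkt, off)
        out.update(username=first.decode("ascii", "replace"),
                   password=second.decode("ascii", "replace"))
    else:
        out["message"] = first.decode("ascii", "replace")
    if off != length:
        raise ValueError("unparsed bytes inside Length")
    return out

def audit_line(info):
    """Monitoring log line: reports the exposure without repeating the secret."""
    if info["type"] != "Authentication-request":
        return f"PAP {info['type']} id={info['id']}"
    return (f"PAP cleartext credentials id={info['id']} "
            f"user={info['username']} password_len={len(info['password'])}")

# Constructed sample values, not taken from any real capture.
SAMPLE = build_request(7, b"alice", b"s3cret")
```

A sensor that sees protocol C023 on a link can emit `audit_line(parse_pap(0xC023, payload))` as evidence that the peer negotiated PAP rather than CHAP or EAP.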