Menu
Home
People
Places
Arts
History
Plants & Animals
Science
Life & Culture
Technology
Reference.org
Password Authentication Protocol
open-in-new
<h2 id="other-uses-of-pap">Other uses of PAP</h2> <p>PAP is also used to describe password authentication in other protocols such as <a href="/facts/RADIUS/NfNur5Q5">RADIUS</a> and <a href="/facts/Diameter_(protocol)/d6mkAmuI">Diameter</a>. However, those protocols provide for transport or network layer security, and therefore that usage of PAP does not have the security issues seen when PAP is used with PPP. </p> <h2 id="benefits-of-pap">Benefits of PAP</h2> <p>When the client sends a clear-text password, the authentication server will receive it, and compare it to a "known good" password. Since the authentication server has received the password in clear-text, the <a href="/facts/Password/WEoul230">format of the stored password</a> can be chosen to be secure "at rest". If an attacker were to steal the entire database of passwords, it is computationally infeasible to reverse the function to recover a plaintext password. </p><p>As a result, while PAP passwords are less secure when sent over a PPP link, they allow for more secure storage "at rest" than with other methods such as <a href="/facts/Challenge-handshake_authentication_protocol/N80U6AFs">CHAP</a>. </p> <h2 id="working-cycle">Working cycle</h2> <p>PAP authentication is only done at the time of the initial link establishment, and verifies the identity of the client using a <a href="/facts/Handshake_(computing)/fqKIh1VW">two-way handshake</a>. </p> <ol><li>Client sends username and password. This is sent repeatedly until a response is received from the server.</li> <li>Server sends authentication-ack (if credentials are OK) or authentication-nak (otherwise)<a class="footnote-ref" id="fnref:2" href="#fn:2"><sup>2</sup></a></li></ol> <h2 id="pap-packets">PAP packets</h2> <table><tbody><tr><th><p>Description</p></th><th>1 byte</th><th>1 byte</th><th>2 bytes</th><th>1 byte</th><th>Variable</th><th>1 byte</th><th>Variable</th></tr><tr><td>Authentication-request</td><td>Code = 1</td><td>ID</td><td>Length</td><td>Username length</td><td>Username</td><td>Password length</td><td>Password</td></tr><tr><td>Authentication-ack</td><td>Code = 2</td><td>ID</td><td>Length</td><td>Message length</td><td>Message</td><td></td><td></td></tr><tr><td>Authentication-nak</td><td>Code = 3</td><td>ID</td><td>Length</td><td>Message length</td><td>Message</td><td></td><td></td></tr></tbody></table> <p>PAP packet embedded in a PPP frame. The protocol field has a value of C023 (hex). </p> <table><tbody><tr><th>Flag</th><th>Address</th><th>Control</th><th>Protocol (C023 (hex))</th><th>Payload (table above)</th><th>FCS</th><th>Flag</th></tr></tbody></table> <h2 id="see-also">See also</h2> <ul><li>SAP – <a href="/facts/Service_Access_Point/gvnuSkvh">Service Access Point</a></li></ul> <h2 id="notes">Notes</h2> <ul><li>Lloyd, Brian; Simpson, William Allen (1992). <a href="https://datatracker.ietf.org/doc/html/rfc1334#page-2">"Password Authentication Protocol"</a>. <a href="https://datatracker.ietf.org/doc/html/rfc1334"><i>PPP Authentication Protocols</i></a>. <a href="/facts/Internet_Engineering_Task_Force/tIcCsFhX">IETF</a>. p. 2. <a href="/facts/Doi_(identifier)/muM9Etpq">doi</a>:<a href="https://doi.org/10.17487%2FRFC1334">10.17487/RFC1334</a>. <a href="/facts/Request_for_Comments/esftTvE7">RFC</a> <a href="https://datatracker.ietf.org/doc/html/rfc1334">1334</a>. Retrieved 16 July 2015.</li></ul> <h2 id="references">References</h2> <ol> <li id="fn:1"><p>"Password Authentication Protocol (PAP)". GeeksforGeeks. 2018-07-17. Retrieved 2020-11-08. <a href="https://www.geeksforgeeks.org/password-authentication-protocol-pap/" target="_blank">https://www.geeksforgeeks.org/password-authentication-protocol-pap/</a> <a href="#fnref:1" class="footnote-back-ref">↩</a></p></li> <li id="fn:2"><p>Forouzan (2007). Data Commn & Networking 4E Sie. McGraw-Hill Education (India) Pvt Limited. pp. 352–. ISBN 978-0-07-063414-5. Retrieved 24 November 2012. <a href="978-0-07-063414-5" target="_blank">978-0-07-063414-5</a> <a href="#fnref:2" class="footnote-back-ref">↩</a></p></li> </ol>