Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Password Authentication Protocol (PAP) is a simple user authentication protocol that does not encrypt the data and sends the password and username to the authentication server as plain text. PAP is very vulnerable to being read from the Point-to-Point Protocol (PPP) data packets exchanged between the authentication server and the user’s machine. This was primarily used when connecting to old Unix-based servers with no support for more advanced encryption protocols.
When PAP is used, the username and password are sent into a remote access server as a single LCP package, instead of the server sending a login request prompt and then waiting for a reply from the user.
There are certain instances where PAPs are considered useful:
When an installed software does not support CHAP or Challenge Handshake Authentication Protocol, a more secure authentication protocol
When there exists incompatibility issues between varied vendor implementations of CHAP
When there are certain events where a simple plaintext password should be available in order to simulate a login at a remote host