Authentication Methods for VPN

Source: Internet
Author: User
Tags md5 md5 hash

In addition to VPN authentication using the PPP authentication method, here are a few ways to authenticate a VPN.

Chap:chap negotiates a secure form of cryptographic authentication by using MD5, an industry-standard hashing scheme. CHAP uses a challenge-response mechanism and a one-way MD5 hash in response. In this way, you can prove to the server that the client knows the password, but you do not have to physically send the password to the network.

Ms-chap: Similar to CHAP, Microsoft developed MS-CHAP to authenticate a remote Windows workstation, which uses a challenge-response mechanism and one-way encryption in response. And Ms-chap does not require the use of the original or reversibly encrypted password.

Ms-chap V2:ms-chap v2 is the second edition of the Challenge Handshake Authentication protocol developed by Microsoft, which provides mutual authentication and a stronger initial data key, and sends and receives separate keys. If you configure a VPN connection to use Ms-chap v2 as the only authentication method, both the client and server side will prove their identity, and if the connected server does not provide authentication to itself, the connection is disconnected.

Eap:eap is developed to accommodate the growing demand for authentication with remote access users who use other security devices. By using EAP, you can increase support for many authentication schemes, including token cards, one-time passwords, public key authentication using smart cards, certificates, and other authentication. For VPNs, using EAP protects against brute force or dictionary attacks and password guessing, and provides greater security than other authentication methods, such as chap.

In Windows systems, the EAP authentication method is used for smart card authentication, and the CHAP, Ms-chap, or Ms-chap v2 authentication method is used for authentication through passwords.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.