What is PAP (Password Authentication Protocol)?

PAP provides simple authentication for a user configured on a remote access server or at an ISP (Internet Service Provider).

PAP (Password Authentication Protocol)

PAP authenticates a user accessing certain resources and is an authentication method used when a PPP connection is established.

This protocol transmits unencrypted ASCII passwords, which makes it an insecure protocol. It is used as the authentication process when the remote access server does not support a stronger authentication protocol.

The Password Authentication Protocol functions as a two-way handshake. It uses the same plaintext password transmission found in older SLIP systems, which is not secure. It can also be used for TTLS authentication as a simple use case.

How Does It Work?

It is a type of computer communication protocol designed specifically for transferring authentication data between two devices.

The device receiving these packets authenticates the connecting device and reports the type of information required. This allows the connecting device to authenticate.

PAP is an old authentication method. The client initiates it by sending a packet containing its credentials at the beginning of the connection, and it keeps resending the authentication request until it receives an acknowledgment.

This is extremely insecure, because the client transmits the credentials in cleartext in the packet it sends. It is therefore vulnerable to even the simplest attacks, such as eavesdropping or man-in-the-middle attacks between the client and the access server.

Thanks to this verification, it acts as the most basic and simple protection layer required for secure communication in computer networks.


Advantages

  1. PAP is simple to implement and configure on any computer, regardless of the memory or processor capacity of its hardware.
  2. It is very useful for testing operations and communications when setting up a computer network.


Disadvantages

  1. It does not use encryption, so the messages the client sends to the server are visible to anyone who can intercept them at the physical layer, which makes it insecure.
  2. It is not recommended for corporations or companies with very sensitive data, as it is vulnerable to replay attacks and passive eavesdropping attacks.

Differences Between PAP and CHAP

PAP operates with standard login logic: the remote system authenticates itself using a username and password.

CHAP uses a more advanced and secure method of authentication, creating a unique identity for each authentication.

CHAP authenticates using one-way hashing functions of the client and server names. CHAP is therefore much more secure than PAP, since all the transmitted information is dynamic.
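
The difference described above, worked through as an added example that is not part of the original article: it builds and parses a PAP Authenticate-Request in the RFC 1334 layout, then compares what a captured message is worth under PAP and under CHAP with MD5 (RFC 1994). The credentials, function names and the in-process "server" checks are constructed for illustration; nothing is sent over a network.

```python
import hashlib
import hmac
import os
import struct

USER, SECRET = b"alice", b"s3cret-pw"  # constructed sample credentials

def pap_request(ident, user, password):
    """PAP Authenticate-Request (RFC 1334): Code=1, Identifier, Length,
    then length-prefixed Peer-ID and Password, both in cleartext."""
    body = bytes([len(user)]) + user + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, ident, 4 + len(body)) + body

def parse_pap_request(pkt):
    """Recover (peer_id, password) from a captured request; no key needed."""
    if len(pkt) < 6 or pkt[0] != 1 or struct.unpack("!H", pkt[2:4])[0] != len(pkt):
        raise ValueError("not a well-formed PAP Authenticate-Request")
    ulen = pkt[4]
    if 5 + ulen >= len(pkt):
        raise ValueError("Peer-ID length runs past the packet")
    plen = pkt[5 + ulen]
    if 6 + ulen + plen > len(pkt):
        raise ValueError("Password length runs past the packet")
    return pkt[5:5 + ulen], pkt[6 + ulen:6 + ulen + plen]

def pap_server_accepts(pkt):
    # Nothing in the request is tied to the session: same bytes, same answer.
    return parse_pap_request(pkt) == (USER, SECRET)

def chap_response(ident, secret, challenge):
    """CHAP with MD5 (RFC 1994): MD5(Identifier || secret || challenge)."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

def chap_server_accepts(ident, challenge, response):
    expected = chap_response(ident, SECRET, challenge)
    return hmac.compare_digest(expected, response)

def demo():
    """Compare what one passively captured message yields under each protocol."""
    captured_pap = pap_request(1, USER, SECRET)
    first = os.urandom(16)   # challenge issued in the observed session
    captured_chap = chap_response(1, SECRET, first)
    later = os.urandom(16)   # fresh challenge issued in a later session
    return {
        "pap_recovered": parse_pap_request(captured_pap),
        "pap_replay_accepted": pap_server_accepts(captured_pap),
        "chap_original_accepted": chap_server_accepts(1, first, captured_chap),
        "chap_replay_accepted": chap_server_accepts(2, later, captured_chap),
    }
```

Calling `demo()` shows the PAP capture yielding the username and password directly and still being accepted when presented again, while the captured CHAP response is rejected once the server issues a new challenge.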
