MS-CHAP is dead MS-CHAP has been in use since 1998. It was Microsoft's answer to the challenge of authenticating users over networks, built into every version of Windows and deeply embedded in VPN and Wi-Fi infrastru... Network Security Best Practices Network Security Protocols
It’s Finally Time to Replace NTLM With Microsoft deprecating MS-CHAP and NTLM, it’s time for enterprise networks to switch to a more secure authentication method: TTLS. Microsoft is finally deprecating its 30-year-old MS-CHAP and NTLM... Network Security Protocols
Importing the root CA The final step to configuring EAP for FreeRADIUS is to add the CA (Certificate Authority) to every client machine tha t performs EAP authentication. Before proceeding with this step, make sure that yo... Network Security Best Practices
Can you use FreeRADIUS and Active Directory together? The short answer is Yes, FreeRADIUS and Active Directory arecompatible with each other . However, there are some constraints and implications for the rest of the system. Like any technology choice, Ac... Network Security Best Practices Network Security Protocols
Configuring FreeRADIUS authentication with PAP (Password Authentication Protocol) Introduction to PAP authentication Password Authentication Protocol (PAP) is one of the most fundamental authentication methods used in Remote Authentication Dial-In User Service (RADIUS). Despite bei... Network Security Best Practices Network Security Protocols
Configuring EAP for FreeRADIUS Once FreeRADIUS has been configured to use PAP , it is straightforward to configure the server to use EAP for authentication. This article will walk through all the necessary steps. Step 1: Install Op... Network Security Best Practices
Command line testing for EAP with FreeRADIUS As part of the process of configuring EAP for FreeRADIUS , you will need to test whether or not it works. If you prefer to use a command line tool rather than clicking through windows, this article wa... Network Security Best Practices
How one-time passwords work One-time passwords (OTP) and multi-factor authentication (MFA) are important mechanisms used to improve security. Both these strategies can combine the username and password credentials with a one-tim... Network Security Best Practices Network Security Protocols
How to connect FreeRADIUS to Active Directory for authentication Active Directory is widely used in the enterprise and university systems. This article describes how to connect FreeRADIUS with Active Directory, allowing you toauthenticate users against your existin... Network Security Best Practices Network Security Protocols
Making RADIUS More Secure As we’ve previously discussed, there are several insecure elements in RADIUS. We are currently working in the IETF (Internet Engineering Task Force) to close those gaps and improve security for everyo... Network Security Protocols
RADIUS password compatibility This article covers password storage compatibility for RADIUS deployments. You'll findan overview of how the RADIUS protocol works here. In order for RADIUS authentication to work, user passwords need... Network Security Best Practices Network Security Protocols
How authentication protocols work Choosing an authentication protocol is one of the most important decisions when designing a RADIUS ecosystem. There are a variety of authentication protocols to choose from, each with their own set of... Network Security Protocols