Extensible Authentication Protocol (EAP) Authentication Using Only a Password, August 2010
- File formats:
- Updated by:
- RFC 8146
- D. Harkins
- NON WORKING GROUP
Discuss this RFC: Send questions or comments to the mailing list [email protected]
This memo describes an Extensible Authentication Protocol (EAP) method, EAP-pwd, which uses a shared password for authentication. The password may be a low-entropy one and may be drawn from some set of possible passwords, like a dictionary, which is available to an attacker. The underlying key exchange is resistant to active attack, passive attack, and dictionary attack. This document is not an Internet Standards Track specification; it is published for informational purposes.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.