http://www.rfc-editor.org/rfc/rfc5931.txt
RFC 5931: Extensible Authentication Protocol (EAP) Authentication Using Only a Password, D. Harkins, G. Zorn2010-08-01T23:00:00-00:00This memo describes an Extensible Authentication Protocol (EAP) method, EAP-pwd, which uses a shared password for authentication. The password may be a low-entropy one and may be drawn from some set of possible passwords, like a dictionary, which is available to an attacker. The underlying key exchange is resistant to active attack, passive attack, and dictionary attack. This document is not an Internet Standards Track specification; it is published for informational purposes.