Challenge handshake authentication protocol

Edit online

RADIUS also supports the use of the PPP's CHAP for password protection.

With CHAP, the user's password is not sent across the network. Instead, an MD5 hash of the password is sent, and the RADIUS server reconstructs the hash from the user's information, including the stored password, then compares this with the value sent by the client.