The Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands on authentication methods used by the Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the Internet. EAP can support multiple authentication mechanisms, such as token cards, smart cards, certificates, one-time passwords, and public key encryption authentication.
Here's how it works: in communications using EAP, a user requests connection to a wireless network through an access point (a station that transmits and receives data, sometimes known as a transceiver). The access point requests identification (ID) data from the user and transmits that data to an authentication server. The authentication server asks the access point for proof of the validity of the ID. After the access point obtains that verification from the user and sends it back to the authentication server, the user is connected to the network as requested.
With mobile devices in mind, MFA software adds security measures (via smartphones and biometrics) to standard user name/password logins for many services and servers; while other multifactor authentication solutions couple mobile defense with an SSO tool that connects to a directory service such as Active Directory (AD) during the sign-in process.
Continue Reading About Extensible Authentication Protocol (EAP)
- From security protocols to wireless analyzers, learn wireless security best practices in this learning guide
- Learn how to reduce wireless risks and best practices for designing, deploying and monitoring secure WLANs
Dig Deeper on Web Authentication and Access Control