LEAP (Lightweight Extensible Authentication Protocol) definition

LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections. LEAP is designed to provide more secure authentication for 802.11 WLANs (wireless local area networks) that support 802.1X port access control.

LEAP uses dynamic Wired Equivalent Privacy (WEP) keys that are changed with more frequent authentications between a client and a RADIUS server. WEP keys are less likely to be cracked -- and less long-lived if cracked -- due to this frequency.

However, LEAP's reliance upon a version of the MS-CHAP protocol means that user credentials may not be adequately protected. More stringent authentication protocols employ a salt (a random string of data that modifies a password hash).

Cisco, Microsoft and RSA Security are promoting a more secure version of EAP, Protected Extensible Authentication Protocol (PEAP), as an Internet standard. That protocol is expected to displace LEAP.

This was first published in July 2008

Next Steps

Now that you have background information on LEAP, brush up on the history of authentication in the enterprise and the evolution of multifactor authentication technology specifically, from key fobs to smartphones and mobile devices. Learn what questions enterprises need to ask before investing in multifactor authentication products.

Continue Reading About LEAP (Lightweight Extensible Authentication Protocol)

Dig Deeper on Web Authentication and Access Control



Find more PRO+ content and other member only offers, here.

Related Discussions

Margaret Rouse asks:

Do you still use LEAP?

1  Response So Far

Join the Discussion



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

File Extensions and File Formats

Powered by: