Definition

Extensible Authentication Protocol (EAP)

Contributor(s): William Burdick

The Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands on authentication methods used by the Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the Internet. EAP can support multiple authentication mechanisms, such as token cards, smart cards, certificates, one-time passwords, and public key encryption authentication.

Here's how it works: in communications using EAP, a user requests connection to a wireless network through an access point (a station that transmits and receives data, sometimes known as a transceiver). The access point requests identification (ID) data from the user and transmits that data to an authentication server. The authentication server asks the access point for proof of the validity of the ID. After the access point obtains that verification from the user and sends it back to the authentication server, the user is connected to the network as requested.

This was last updated in September 2005

Next Steps

With mobile devices in mind, MFA software adds security measures (via smartphones and biometrics) to standard user name/password logins for many services and servers; while other multifactor authentication solutions couple mobile defense with an SSO tool that connects to a directory service such as Active Directory (AD) during the sign-in process.

Continue Reading About Extensible Authentication Protocol (EAP)

The Internet Society defines EAP in RFC 3748.

How to implement secure access?

From security protocols to wireless analyzers, learn wireless security best practices in this learning guide

Learn how to reduce wireless risks and best practices for designing, deploying and monitoring secure WLANs

Tips to control mobile authentication and authorization in this slideshow on mobile enterprise security threats

Dig Deeper on Web authentication and access control

All
News
Get Started
Evaluate
Manage
Problem Solve

Start the conversation

Send me notifications when other members comment.

-ADS BY GOOGLE

File Extensions and File Formats

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S

T
U
V
W
X
Y
Z
#

Powered by:

SearchCloudSecurity

How to monitor AWS credentials with the new Trailblazer tool

A security researcher introduced a tool called Trailblazer, which aims to simplify monitoring AWS credentials. Expert Dave ...
The time to consider SIEM as a service has arrived

Now even your SIEM comes in the as-a-service model. Assess whether it's time to consider outsourcing this fundamental tool in ...
How the NetSpectre vulnerability affects the cloud

The NetSpectre vulnerability performs side-channel attacks to read data across networks. Learn how to use threat modeling to stop...

SearchNetworking

VMware faces strong challengers in cloud systems management

VMware topped IDC's latest vendor ranking in the cloud systems management market. But the analyst firm said the market is too ...
How SD-WAN services could improve application metrics

In this roundup of network blogs, industry insiders dissect SD-WAN's role in application metrics, the future of 5G growth and the...
Comcast gigabit service ready in 39 states

Comcast gigabit cable is now available to 58 million homes and businesses in 39 states. Comcast completed the rollout as AT&T and...

SearchCIO

How secure-by-design ITSM processes can be a business differentiator

Secure ITSM procedures are essential to digital organizations' data protection processes. They can also be a bottom line boon, ...
Staring down cybersecurity risks in the digital organization

For cybersecurity strategies to be successful, digitized companies must find the balance between the benefits and risks that come...
Embedded IT, global talent to define future of IT jobs

As more businesses identify as tech companies, what's the future of IT jobs? Many IT teams will work remotely on a gig-by-gig ...

SearchEnterpriseDesktop

How to manage cookie privacy in the enterprise

Cookies can make life easier for users by preventing them from having to re-enter passwords and preferences on websites, but they...
Understanding third-party Windows 10 security tools

Third-party security tools provide value and new utilities for Windows 10 desktop administrators. IT should consider ...
Create an email phishing test to minimize attack vectors

With email phishing testing, IT can improve its end-user security. Phishing attacks prey on user ignorance, so IT can use a test ...

SearchCloudComputing

Estimate cloud computing costs prior to app migration

Enterprises should enlist a number of resources, including cost calculators and third-party tools, to assess what they'll pay for...
Containers, cloud orchestration tools rattle DevOps foundation

Any form of virtualization that disconnects infrastructure from apps threatens the foundation of DevOps and could push IT toward ...
Machine learning tools ease cloud security, log management

Machine learning has increasingly found a home in enterprise cloud management teams, but the technology is still far from being a...

ComputerWeekly.com

The importance of adopting an evergreen IT strategy

Today's modern IT systems are potentially tomorrow's legacy technology problems, without an "evergreening strategy" in place
A new era of collaboration for the NHS

Great Ormond Street Hospital's new research and innovation unit, Drive, marks a significant shift towards greater collaboration ...
Zeppelin uses Splunk for pre-emptive maintenance

German construction equipment rental firm Zeppelin has been using Splunk to predict when its machinery will need maintenance ...

Close