LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections. LEAP is designed to provide more secure authentication for 802.11 WLANs (wireless local area networks) that support 802.1X port access control.
LEAP uses dynamic Wired Equivalent Privacy (WEP) keys that are changed with more frequent authentications between a client and a RADIUS server. WEP keys are less likely to be cracked -- and less long-lived if cracked -- due to this frequency.
However, LEAP's reliance upon a version of the MS-CHAP protocol means that user credentials may not be adequately protected. More stringent authentication protocols employ a salt (a random string of data that modifies a password hash).
Now that you have background information on LEAP, brush up on the history of authentication in the enterprise and the evolution of multifactor authentication technology specifically, from key fobs to smartphones and mobile devices. Learn what questions enterprises need to ask before investing in multifactor authentication products.