CHAP (Challenge-Handshake Authentication Protocol) is a more secure procedure for connecting to a system than the Password Authentication Procedure (PAP). Here's how CHAP works:
- After the link is made, the server sends a challenge message to the connection requestor. The requestor responds with a value obtained by using a one-way hash function.
- The server checks the response by comparing it its own calculation of the expected hash value.
- If the values match, the authentication is acknowledged; otherwise theconnection is usually terminated.