Password Authentication Protocol (PAP), Shiva Password Authentication Protocol (SPAP) and Challenge Handshake Authentication Protocol (CHAP) are too weak to be allowed. 2.

• Password Authentication Protocol (PAP). • Protected Extensible Authentication Protocol (PEAP). • Microsoft Challenge Handshake Authentication Protocol Version 2 (MS-CHAPv2).

PAP leaves the company’s security policy exposed by providing user identity over the Internet. The benefits of using a centralized authentication mechanism such as RADIUS are strong.

User authentication policies in Cisco ISE enable you to provide authentication for a number of user login session types using a variety of standard authentication protocols including, but not limited ...