資料來源 : Free On-Line Dictionary of Computing

Password Authentication Protocol
     
         (PAP) An {authentication} scheme used by {PPP}
        servers to validate the identity of the originator of the
        connection.
     
        PAP applies a two-way {handshaking} procedure.  After the link
        is established the originator sends an id-password pair to the
        server.  If authentication succeeds the server sends back an
        acknowledgement; otherwise it either terminates the connection
        or gives the originator another chance.
     
        PAP is not a strong authentication method.  Passwords are sent
        over the circuit "in the clear" and there is no protection
        against playback or repeated "trial and error" attacks.  The
        originator is in total control of the frequency and timing of
        the attempts.  Therefore, any server that can use a stronger
        authentication method, such as {CHAP}, will offer to negotiate
        that method prior to PAP.  The use of PAP is appropriate,
        however, if a {plaintext} password must be available to
        simulate a login at a remote host.
     
        PAP is defined in {RFC} 1334.
     
        (1996-03-23)