You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
mschapv2
About this tag
MSCHAPv2 is a Microsoft authentication protocol commonly used with PPTP VPNs. Discussions on WindowsForum.com highlight security concerns, particularly man-in-the-middle attacks that can expose domain credentials. Microsoft released Security Advisory 2743314 to address this vulnerability, recommending organizations review the guidance. A related thread advises implementing PEAP-MS-CHAP v2 authentication to encapsulate MSCHAPv2 traffic in TLS, mitigating known attacks. These sources focus on enterprise IT security, VPN configuration, and Microsoft's response to authentication vulnerabilities.
Today, we published Security Advisory 2743314, which provides guidance that will help protect customers from a technique that could allow a man-in-the middle attack to obtain a user’s domain credentials when VPN is configured to use PPTP and MSCHAPv2.
Customers concerned with this...
Provides recommendations for organizations that use MS-CHAP v2/PPTP to implement the Protected Extensible Authentication Protocol (PEAP) in their networks. This mitigates known attacks by encapsulating the MS-CHAP v2 authentication traffic in TLS.
More...