What is LEAP (Lightweight Extensible Authentication Protocol)? - Definition from Whatis.com

Definition

LEAP (Lightweight Extensible Authentication Protocol)

LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections. LEAP is designed to provide more secure authentication for 802.11 WLANs (wireless local area networks) that support 802.1X port access control.

LEAP uses dynamic Wired Equivalent Privacy (WEP) keys that are changed with more frequent authentications between a client

Learn More

and a RADIUS server. WEP keys are less likely to be cracked -- and less long-lived if cracked -- due to this frequency.

However, LEAP's reliance upon a version of the MS-CHAP protocol means that user credentials may not be adequately protected. More stringent authentication protocols employ a salt (a random string of data that modifies a password hash).

Cisco, Microsoft and RSA Security are promoting a more secure version of EAP, Protected Extensible Authentication Protocol (PEAP), as an Internet standard. That protocol is expected to displace LEAP.

This was last updated in July 2008

Dig Deeper

  • In-the-cloud defenses for mobile malware

    Mobile antivirus programs apply laptop best practices to PDAs and smartphones, but there are many other ways to protect corporate assets from mobile malware. Complementary "in the cloud" defenses include enterprise sync servers, network gateways and wireless services that incorporate mobile malware filtering. Learning from experience: Our decade-long fight against Win32 malware has shown that PC-resident virus/spyware scanners and spam/phishing filters are necessary but inefficient. Keeping those programs and signatures current has become an onerous, time-sensitive chore.

  • iPhone encryption is a must for the security-conscious enterprise

    Apple is advertising the iPhone 3G as something that consumers can use at work. IT managers with high security requirements beg to differ. They want full device encryption and centralized policy enforcement before they'll even let one in the building.

  • Avoiding data breaches through mobile encryption

    Compare mobile encryption alternatives and their ability to prevent stored data theft, reducing the biggest risk posed by lost or stolen devices, in this tip.

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com