The MSCHAPv2 protocol is commonly used in PPTP VPN devices and in enterprise wireless WPA2 networks to handle secure authentication. Until recently, the only way to attack MSCHAPv2 was with a dictionary attack against the user password.

In order to collect the encrypted password for a WPA2 wireless network, for example, you would have to masquerade as a wireless access point and trick a user into authenticating to a malicious access point in order to capture their encrypted credentials. Once you have valid captured credentials you can use a dictionary attack against them.

Ultimately, the effectiveness of MSCHAPv2 was reliant on the password policy of the organization. In other words MSCHAPv2 security is dependent on the length and complexity of the user’s password. If you have a good password policy in place you should be safe from a... read more >