Hello Mike,
MSCHAPv2 is mutual challenge-reponse protocol.
Client does not send password in nthash format.
Nthashed password is used to calculate response to the challenge.
Because MSCHAPv2 is mutual then both client and server must be able to
calculate correct response. That is why server can't
Greetings,
I'm working on a deployment that should support PEAP with MSCHAPv2, but which
cannot have either plaintext passwords nor NT hashes stored (the latter can be
decrypted in miliseconds on sites such as
http://www.hashkiller.co.uk/ntlm-decrypter.aspx).
Passwords are stored in BCrypt has
