CHAP is an improvement over PAP because the clear-text password is not sent over the link. Instead, the password is used to create a hash from the original challenge. The server knows the client’s clear-text password and can, therefore, replicate the operation and compare the result to the password sent in the client’s response. CHAP protects against replay attacks by using an arbitrary challenge string for each authentication attempt. CHAP protects against remote-client impersonation by unpredictably sending repeated challenges to the remote client throughout the duration of the connection.
RADIUS can respond to authentication requests based on its own user account database, or it can be a front end to another database server, such as a Structured Query Language (SQL) server or a Windows domain controller (DC). The DC can be located on the same computer as the RADIUS server or elsewhere. In addition, a RADIUS server can act as a proxy client to a remote RADIUS server.
Avast SecureLine VPN offers good overall performance and steady connections, and it was the best of the limited-feature services we tested in 2017. But at $80 per year for software installation on five devices, it's more expensive than any full-fledged VPN service that doesn't limit installations. A single Mac or PC license is $60, while iOS or Android licenses are $20 each.

Are you so used to your data traveling over Wi-Fi that you've stopped worrying about the security of that data—and about who else might be spying on it, or even stealing it for nefarious purposes? If so, you are—sadly—in the majority, and you ought to consider using a viritual private network, or VPN. In fact, when PCMag conducted a survey on VPN usage, we found that a dismal 71 percent of the 1,000 respondents had never used a VPN. Even among those who support net neutrality—who you might think would tend to be well informed on technology and privacy issues—only 45 percent had used a VPN.