Extensible Authentication Protocol

A framework for autonegotiation of secure authentication methods that use hardware identifiers like fingerprint readers or smart card scanners.

This autonegotiation happens before full connection in three scenarios:

• when the user is accessing a wireless network and needs to access a network directory server (e.g. LDAP)
• when a device is connecting to a network via a switch and network policies require the device to authenticate before full communications are established
• when a user is connecting over a VPN

EAP is usually configured with a digital certificate to handle secure tunnel creation for credential transmission.