Modifying the Challenge Length for CHAP Authentication

You can optionally modify the length of the CHAP challenge by specifying the allowable minimum length and maximum length in bytes in the range 8-63. By default, all PPP sessions are enabled. You can stop the PPP session from the Interface Configuration Mode and the Subinterface Configuration Mode.

Caution: Do not decrease the range. Increasing the range is acceptable, provided that you do not lower the minimum to do so. The recommended minimum is 16. A longer challenge and a more unpredictable challenge length provide a higher level of security.

To modify the maximum and minimum challenge length for CHAP authentication:

• (Optional) From the Interface Configuration mode, specify the following command:
  host1(config-if)#ppp chap-challenge-length 24 28

  Use the no version to restore the default minimum (16 bytes) and default maximum (32 bytes).