Password Authentication Protocol (PAP) uses a two-way handshake to provide the peer system with a simple method to establish its identity.
The handshake is conducted when establishing a link. After the link is established, the remote device sends a user ID and password pair to the authenticating system. Depending on the correctness of the pair, the authenticating system either continues or ends the connection.
PAP authentication requires the user name and password to be sent to the remote system in clear text form. With PAP, the user ID and password are never encrypted, which makes them possible to trace and vulnerable to hacker attack. For this reason, you should use Challenge Handshake Authentication Protocol (CHAP) whenever possible.