Cisco has released a security authentication protocol to protect 802.1X Extensible Authentication Protocol (EAP) networks from dictionary attacks.
A dictionary attack uses variations of passwords to break into systems.
New tool prevents hackers launching offline A to Z attacks on password-based authentications
vnunet.com, 13 Apr 2004
Cisco admitted that its password-based authentication EAP algorithm, known as Leap, is vulnerable to dictionary attacks, as are other systems.
The source code for a dictionary attack tool known as 'Asleap' was released on 6 April. The tool could allow hackers to launch an offline dictionary attack on password-based authentication schemes that leverage Microsoft MS-Chap, such as Cisco Leap.
Cisco has released the EAP-Flexible Authentication via Secure Tunneling (EAP-FAST) security protocol, which is designed to be used with Cisco Leap systems that use the MS-Chap authentication protocol.
In a statement Cisco said that it had "developed EAP-FAST for users who wish to deploy an 802.1X EAP type that does not require digital certificates and is not vulnerable to dictionary attacks".
Cisco's Security Notice can be found here.