Correction: EAP isn't just for Wi-Fi or even part of security: As part of my long-running series that runs corrections on articles that I haven't written, News.com makes a few mistakes explaining what EAP (Extensible Authentication Protocol) really is.

EAP is a generalized way to exchange messages among different parties based in part on how several existing specific methods work, like elements of PPP (Point-to-Point Protocol).

In 802.1x/EAP, the method of authenticating users on a network supported in the WPA and 802.11i security updates, EAP is used as the method to exchange information among the client (supplicant), access point or gateway (authenticator), and network user system (authentication server). 802.1x defines these three roles; EAP is the method by which they message to each other.

News.com writes, EAP is [sic] provides much stronger security protection than WPA, via better encryption and one-time passwords, for example. In fact, EAP provides a mechanism alongside the non-wireless-specific 802.1x (note that it's ONE x, not ELEVEN x) to have encryption and better key exchange. WPA and 802.11i include EAP messaging, as well as new encryption methods such as TKIP and AES.

One-time passwords is probably not the right phrase, either. Rather, the 802.1x/EAP model allows an authentication system to provide new keys (not one-time keys) every X packets or on whatever basis the network administrator chooses to set policy.

Finally, a weird side note: Matthew Gast, author of 802.11 Networks: The Definitive Guide, just explained to me that the capitalization in IEEE specifications means something. The 802.1x protocol is actually 802.1X: protocols that stand alone use capital task group letter. Protocols like 802.11b, which are modifications to other protocols, use lower-case letters. Leave it to engineers to put meaning into capitalization.