Important features of LEAP are dynamic WEP keys and mutual authentication (between a wireless client and a RADIUS server).
[2] Cisco LEAP, similar to WEP, has had well-known security weaknesses since 2003 involving offline password cracking.
[3] LEAP uses a modified version of MS-CHAP, an authentication protocol in which user credentials are not strongly protected.
Cisco's response to the weaknesses of LEAP suggests that network administrators either force users to have stronger, more complicated passwords or move to another authentication protocol also developed by Cisco, EAP-FAST, to ensure security.
[4] Automated tools like ASLEAP demonstrate the simplicity of getting unauthorized access in networks protected by LEAP implementations.