The Point-to-Point Tunneling Protocol (PPTP) is an obsolete method for implementing virtual private networks.
The PPTP specification does not describe encryption or authentication features and relies on the Point-to-Point Protocol being tunneled to implement any and all security functionalities.
A specification for PPTP was published in July 1999 as RFC 2637[1] and was developed by a vendor consortium formed by Microsoft, Ascend Communications (today part of Nokia), 3Com, and others.
[2][3][4][5] A summary of these vulnerabilities is below: EAP-TLS is seen as the superior authentication choice for PPTP;[11] however, it requires implementation of a public-key infrastructure for both client and server certificates.
Most networks that use PPTP have to apply additional security measures or be deemed completely inappropriate for the modern internet environment.