Some additional security can be gained on the PPP link by using CHAP or EAP.
However, there are always tradeoffs when choosing an authentication method, and there is no single answer for which is more secure.
While weak schemes are used where the transport layer is expected to be physically secure, such as a home DSL link.
PAP is also used to describe password authentication in other protocols such as RADIUS and Diameter.
PAP authentication is only done at the time of the initial link establishment, and verifies the identity of the client using a two-way handshake.