# Table of contents:

• Introduction
• Procedure

# Introduction

CTP (Clear-Text Password) is a authentication scheme that exists in very early versions (1.0.0452 to 1.0.0893) of the Offical Client.
This scheme is only available in MSNP2.

CTP offers no security, with the password being sent unobfuscated and unencrypted to the Notification Server (NS).

Trying to use this method in Client Version 2 or above will cause the client to immediately disconnect, even in MSNP2.

With both of these issues, server implementations may want to use MD5 instead.

# Procedure

The client sends the initial USR request with the credentials, and gets an OK response:

C: USR TrID CTP I user-handle password
S: USR TrID OK (...)

Where user-handle is the handle (e-mail address) the client is authenticating with.

Where password is the user's account password.