I had always assumed [incorrectly apparently] that "encrypts the password" meant the username and password. But, running Wireshark I came upon this (I trimmed the actual wireshark output to remove redundant information and clean it up):
Ethernet II
Destination 00 26 22 6e 60 d9
Source 00 16 46 a2 f7 13
Type 0x0800 (IP)
Internet Protocol
Version 4
Header Length 20 bytes
Differentiated Services Field 0x00
Total Length 119
Identification 0x0302
Flags 0x00
Fragment Offset 0
TTL 255
Protocol 17 (UDP)
Header Checksum 0x5F50
Source 172.16.0.1
Destination 172.16.1.2
User Datagram Protocol
Source Port 1645
Destination Port 1645
Length 99
Checksum 0x7bbd
RADIUS
Code 1 (Access-Request)
Packet Identifier 0x1B
Length 91
Authenticator 12a32ec1a621b268a969c9362cdcdfd6
Attribute-Value Pairs
[COLOR=#ff0000] 1 (User-Name) Administrator[/COLOR]
[COLOR=#ff0000] 2 (User-Password) Encrypted[/COLOR]
5 (NAS-Port) 194
87 (NAS-Port-Id) tty194
61 (NAS-Port-Type) 5 (Virtual)
31 (Calling-Station-Id) 172.16.0.1
4 (NAS-IP-Address) 172.16.0.1
