My provider still uses VPN with MS-CHAP2(no encryption). How easy can it be exploited? I see a lot of articles but they are from 2012/2013. And some sites do not work. What is going on? Has Microsoft fixed it? Is it still not secure? How cheap such attack can be? What should I do if provider will not consider change of protocol?