As far as my limited understanding goes, MS-CHAP v2 allows you to store a hash of your password on the server rather than storing the actual password. Then through a convoluted sequence of hashing algorithms it generates another hash and compares that with a hash you have provided. I think it's been around since at least 2003 and though it has itself been cracked (cf Moxie Marlinspike) I don't believe it's ever expected to be used outside of an encrypted tunnel (cf Matthew Gast).