


Disable basic authentication in Office 365 and Exchange

Microsoft recently announced that 99.9% of the attacks on Office 365 credentials can be stopped by enabling multi-factor authentication (MFA). They should have made it clear that you need to take one more action and disable basic or legacy authentication.

Basic or legacy authentication is what most people use when they log into websites and networks: a username and a password. If someone cracks that, has harvested the hash value and can reuse it, or used brute force and password spraying techniques to gain access, they are in. They often don’t even have to “crack” the password; they already have it. Most people reuse passwords, so once an attacker has breached a database, they can try that password on your server or other sites. So, you need to turn off legacy authentication when implementing MFA.

What are the consequences of that? Third-party tools that plug into your online applications might no longer work. This is honestly a good thing, because you need to demand that vendors stop using an old insecure method to connect to your information.

Ensure that you are using newer Outlook clients to connect to Office 365. If they use legacy authentication, they are basically using IMAP, POP, SMTP and other older protocols to connect. Outlook 2010 is no longer supported to connect to Office 365 even though some still use the platform. If you disable legacy authentication on Outlook 2010, it won’t be able to connect. The user impact plays out in various scenarios.
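Before turning legacy authentication off, it helps to know which accounts still sign in over IMAP, POP or SMTP, and whether those protocols are already being password sprayed. The script below is an added example, not part of the original article; the record layout, field names, client-app labels and sample data are constructed assumptions modelled on a sign-in log export.

```python
import json
from collections import defaultdict

# Labels treated as legacy (basic) authentication: the IMAP, POP and SMTP
# protocols the article names. The exact label strings are an assumption.
LEGACY_APPS = {"IMAP4", "POP3", "Authenticated SMTP"}

# Constructed sample export, one JSON record per line (not real log data).
# errorCode 0 means the sign-in succeeded; any other value means it failed.
SAMPLE_LOG = """\
{"user": "alice@example.com", "clientAppUsed": "IMAP4", "ip": "198.51.100.7", "errorCode": 0}
{"user": "alice@example.com", "clientAppUsed": "Browser", "ip": "198.51.100.7", "errorCode": 0}
{"user": "scanner@example.com", "clientAppUsed": "Authenticated SMTP", "ip": "198.51.100.20", "errorCode": 0}
{"user": "bob@example.com", "clientAppUsed": "POP3", "ip": "203.0.113.9", "errorCode": 50126}
{"user": "carol@example.com", "clientAppUsed": "IMAP4", "ip": "203.0.113.9", "errorCode": 50126}
{"user": "dave@example.com", "clientAppUsed": "IMAP4", "ip": "203.0.113.9", "errorCode": 50126}
{"user": "alice@example.com", "clientAppUsed": "IMAP4", "ip": "203.0.113.9", "errorCode": 50126}
"""

def parse(text):
    """Parse a JSON-lines export, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]

def legacy_dependents(records):
    """Accounts that signed in successfully over a legacy protocol.
    These are the clients and tools that stop working once it is disabled."""
    users = defaultdict(set)
    for r in records:
        if r["clientAppUsed"] in LEGACY_APPS and r["errorCode"] == 0:
            users[r["user"]].add(r["clientAppUsed"])
    return {u: sorted(apps) for u, apps in sorted(users.items())}

def spray_sources(records, min_users=3):
    """Source IPs with failed legacy sign-ins against many distinct accounts,
    the pattern password spraying leaves behind."""
    targets = defaultdict(set)
    for r in records:
        if r["clientAppUsed"] in LEGACY_APPS and r["errorCode"] != 0:
            targets[r["ip"]].add(r["user"])
    return {ip: sorted(u) for ip, u in targets.items() if len(u) >= min_users}

if __name__ == "__main__":
    records = parse(SAMPLE_LOG)
    print("Breaks when legacy auth is disabled:", legacy_dependents(records))
    print("Possible password spraying:", spray_sources(records))
```

Accounts in the first result need a newer client or a vendor update before the change; addresses in the second are a reason not to delay it.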
