This means that anyone using code built with EWS must upgrade to OAuth 2.0 and use that for authentication. In March 2018, Microsoft flagged the need for tenants to move away from basic authentication by announcing that support for basic authentication for Exchange Web Services will cease on October 13, 2020. Basic Authentication Deprecation for Multiple Connection Protocols Tenant administrators can deploy authentication policies to restrict the number of connection protocols that can be used with basic authentication for mailboxes. ![]() The introduction of protocol authentication policies in 2018 was a good step forward. They own protocols like IMAP4, POP3, SMTP, and so on. Eliminating basic authentication is high on the agenda of the Exchange Online team. Too slowly, but at least we see some progress. The message about the need to secure accounts with MFA is slowly getting through. Second, basic authentication is an invitation for an attacker to probe for weakly secured accounts using multiple connection protections, including SMTP. ![]() ![]() First, multi-factor authentication (MFA) is a very good thing and will block 99.9% of account compromise attacks. There are two things certain in Office 365 security. The Need to Eliminate Basic Authentication (and use MFA)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |