cellphonejnr.blogg.se - Exchange online modern authentication

"There is no excuse for use of single authentication in 2022," Grajek told The Register. Garret Grajek, CEO of identity specialist YouAttest, called the use of two-factor (2FA) or multifactor authentication "table stakes" in the modern IT world. Microsoft last year announced it will disable Basic Auth in Exchange Online starting October 1, 2022. In addition, Azure AD accounts in organizations that disabled such authentication methods saw 67 percent fewer compromises than those still using legacy authentication. In a document dated 2020, two senior Microsofties said an analysis of Azure Active Directory traffic showed that 99 percent of password spray attacks and more than 97 percent of credential-stuffing attacks leveraged legacy authentication protocols. The Windows giant also has promoted MFA as a way of reducing by 99 percent the likelihood that a user will be compromised. Speaking of passwords, Microsoft has long been a vocal advocate for doing away with these passphrases for authentication, saying they are unreliable and a weak link in the cybersecurity chain. 74 countries hit by NSA-powered WannaCrypt ransomware backdoor: Emergency fixes emitted by Microsoft for WinXP+.Meltdown, Spectre: The password theft bugs at the heart of Intel CPUs.

Admins beware! Microsoft gives heads-up for 'disruptive' changes to authentication in Office 365 email service.

Microsoft delays disabling Basic Authentication for several Exchange Online protocols 'until further notice'.

This will make it more difficult for attackers to simply scrape a username and password from a vulnerable mobile device or browser session." "By moving to a posture of disabling basic authentication by default, it essentially hardens all email users who rely on Microsoft Exchange Online.