You may have heard in the tech news that Legacy Authentication will soon be disabled by Microsoft for all Office 365 Exchange Online users. This could mean your company is at risk of service interruption if you are using older versions of Outlook or third-party applications.
What is Legacy Authentication?
With Basic/Legacy Authentication, applications such as Outlook / Teams send your username and password with every request to Exchange Online, which forwards the credentials to Azure / Active Directory. The problem with Basic/Legacy Authentication is that it’s vulnerable to brute-force or password-spray attacks.
Due to these security vulnerabilities, Microsoft will soon disable Legacy Authentication. Beginning October 1, 2022, they will start disabling Basic Authentication in all tenants, regardless of usage.
How does this affect me?
Most current email clients support Modern Authentication and will automatically switch to it once your tenant has been switched. Some need extra configuration first: Outlook 2013, for example, needs some extra registry keys in order for Modern Authentication to be used.
The biggest challenge is with older email clients (Outlook 2010 and others), which still use Basic/Legacy Authentication. iOS and macOS support Modern Authentication in their most recent versions. Android is trickier since there are so many versions, so Microsoft recommends switching to the Outlook App for email hosted by Office 365 Exchange Online.
What are my options?
Microsoft disabling basic/legacy authentication can have a huge impact on your company if your clients are still using basic/legacy authentication. If you start today, you should still have enough time to make sure that you are ready for the moment that Microsoft flips the switch. Even though there is a chance that Microsoft will postpone the change if they determine that many customers have not made preparations, the switch will be performed in the near future. So all of our clients should prepare now!
You should consider the following:
- Upgrade your Office 365 Subscription to include the desktop applications (Word, Excel, Outlook etc.) to make sure you’re always on the latest version of Outlook.
- Upgrade your non-Office 365 mail client (update the operating system on your phone / MacBook etc.).
- Stop using third-party mail applications (such as MacMail etc.) in favour of Microsoft Outlook (Outlook is free for smartphones).
- Make more use of Modern Authentication by enabling Conditional Access and 2FA to restrict the availability of your accounts online.
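
To see which users and mail clients the options above apply to, you can inventory the sign-ins that still use Basic/Legacy Authentication. The script below is an added example, not part of the original article. It assumes sign-in records exported as one JSON object per line, using the Microsoft Graph sign-in field names (`userPrincipalName`, `clientAppUsed`, `ipAddress`, `status.errorCode`); the sample records and the function name `analyse` are constructed for illustration.

```python
import json
from collections import defaultdict

# clientAppUsed values that indicate Modern Authentication; every other
# non-empty value (IMAP4, POP3, Exchange ActiveSync, ...) is a legacy protocol.
MODERN_CLIENT_APPS = {"browser", "mobile apps and desktop clients"}

# Constructed sample records, one JSON object per line (assumed export layout,
# not real log data). Error code 50126 means invalid username or password.
SAMPLE_LOG = """\
{"userPrincipalName": "alice@example.com", "clientAppUsed": "Mobile Apps and Desktop clients", "ipAddress": "198.51.100.7", "status": {"errorCode": 0}}
{"userPrincipalName": "bob@example.com", "clientAppUsed": "IMAP4", "ipAddress": "198.51.100.8", "status": {"errorCode": 0}}
{"userPrincipalName": "bob@example.com", "clientAppUsed": "IMAP4", "ipAddress": "203.0.113.50", "status": {"errorCode": 50126}}
{"userPrincipalName": "carol@example.com", "clientAppUsed": "Authenticated SMTP", "ipAddress": "203.0.113.50", "status": {"errorCode": 50126}}
{"userPrincipalName": "dave@example.com", "clientAppUsed": "POP3", "ipAddress": "203.0.113.50", "status": {"errorCode": 50126}}
{"userPrincipalName": "carol@example.com", "clientAppUsed": "Exchange ActiveSync", "ipAddress": "198.51.100.9", "status": {"errorCode": 0}}
not-json
"""


def analyse(lines, spray_threshold=3):
    """Return (clients, spray): clients maps each user to the legacy client apps
    that signed in successfully (these will stop working); spray maps each IP
    whose failed legacy sign-ins hit >= spray_threshold accounts to those users."""
    clients = defaultdict(set)
    failed = defaultdict(set)
    for line in lines:
        try:
            rec = json.loads(line)
            user, app = rec["userPrincipalName"].lower(), rec["clientAppUsed"]
            modern = app.lower() in MODERN_CLIENT_APPS
            ok = rec["status"]["errorCode"] == 0
        except (ValueError, KeyError, TypeError, AttributeError):
            continue  # skip blank, malformed or incomplete records
        if not app or modern:
            continue  # only legacy protocol sign-ins are of interest here
        if ok:
            clients[user].add(app)
        else:
            failed[rec.get("ipAddress", "unknown")].add(user)
    spray = {ip: sorted(u) for ip, u in failed.items() if len(u) >= spray_threshold}
    return {u: sorted(a) for u, a in clients.items()}, spray


if __name__ == "__main__":
    clients, spray = analyse(SAMPLE_LOG.splitlines())
    for user, apps in sorted(clients.items()):
        print(f"{user}: still using {', '.join(apps)}")
    for ip, users in spray.items():
        print(f"{ip}: failed legacy sign-ins against {len(users)} accounts")
```

Users listed in the first result need a client upgrade before the switch; an IP in the second result is failing legacy sign-ins against several accounts, which is the password-spray pattern described earlier.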