Introduction #
Block legacy authentication endpoints that can be used to bypass multi-factor authentication.
Targets #
This targets all accounts in the Tenant
User Impact #
HIGH
Users, Applications and Devices which are accessing Exchange Online with clients that do not support Modern Authentication will not be able to connect.
We highly recommend prior to turning this setting on that you check your tenant to ensure no accounts are logging in via Basic Authentication. The best way to do that is to log into the Azure Active Directory portal and navigate to “Sign-ins”.
Basics #
Template Category: Identity Protection (Security Defaults)
Assignments #
Users and Groups
Includes | – All Users |
Excluded | – None |
Cloud Apps or actions
Cloud Apps | – All apps |
Client Apps
Legacy Authentication Clients | – Exchange ActiveSync Clients – Other Clients |
Conditions #
Access Control
Block | – All Access |