Basic Authentication and Exchange Online – April 2020 Update

Kent Compton  oh my gosh, I had not realized the block legacy authentication policy had been deprecated.   We were using that as well as the "Require MFA for admins" conditional policy.  (Using standard Azure Active Directory, not Premium)   I know they came out with https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults however, as mentioned in the Microsoft https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-policy-common "Security defaults are great for some but many organizations need more flexibility than they offer. For example, many organizations need the ability to exclude specific accounts like their emergency access or break-glass administration accounts from Conditional Access policies requiring multi-factor authentication."  And, in fact, having that emergency access account that does not require MFA is actually https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-emergency-access, again, by Microsoft itself! 

I looked back through the messages in Message Center, and did not find an announcement about deprecating those policies for the non-premium AAD clients.  So that was a surprise.  I guess I have to figure out how this affects us.  

That's a huge thing to just take away!  Glad you mentioned that!