victorguo This is something we have discussed and are considering. Thank you for the feedback.
Sankarasubramanian Parameswaran This new UI should be enabled for your tenant. Teams utilizes Modern Authentication by default, but if you have a need to disable it for just Exchange you can do that from our new UI, though we certainly wouldn't recommend it.
mikerocode
- If your get-organizationconfig does not have a Default Authentication Policy defined, toggling and saving the options within the new UI will create a new default policy.
- When looking at Authentication Policies versus Conditional Access, you should consider these as complementary, although there is some overlap. Authentication Policies will block requests (for users we know) during the initial connection to Exchange Online, and before they reach Azure AD or your on-premises IdP. The benefit of this approach is that brute force or password spray attacks never reach the iDP. Take a look at the diagrams and workflows https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/disable-basic-authentication-in-exchange-online. For customers utilizing Conditional Access, it provides exceptional control for those authentication requests that do make it beyond Exchange and into the organization.