Blog Post

Microsoft Entra Blog

6 MIN READ

New tools to block legacy authentication in your organization

Microsoft

Mar 12, 2020

Hey folks, If you’re a regular reader of this blog series, you know we’ve been advocating for admins to enable multi-factor authentication (MFA) for a while. In one of my previous posts, Your P...

Updated Jul 24, 2020

Version 13.0

security

Alex Weinert

Microsoft

Joined October 02, 2018

View Profile

Microsoft Entra Blog

Follow this blog board to get notified when there's new activity

danielwood95

Microsoft

Mar 18, 2020

Hi Daniel Nitz, thanks for reading and I'm happy to address your comments to the blog post.

The aggregated report shows all legacy auth protocols used, including Exchange ActiveSync, but a protocol does not get listed if there are no sign-ins of that type. Since there were no sign-ins using Exchange ActiveSync in the time range specified (14 days), Exchange ActiveSync does not appear in the Sign-ins using Legacy Auth workbook.

The screenshot in Step 1 is filtered to include 14 client apps. You can see whether a filter is applied where it says Client app: 14 selected.

As the blog mentions, there are two ways you can block legacy authentication. The first way is via Conditional Access, and the second way (which you mention in your comment) is to disable the protocol at the service level.

Thanks,

Daniel Wood