Forum Discussion
MFA and legacy auth
MFA and disabling legacy auth.
what actually 'happens' on an end-users device (iPhone)
1) where the user sync mail with exchange ActiveSync - and uses the native mail client - (I'm guessing if outlook mobile is used there's no problem?).
2) and what happens when MFA is enabled - are the end-users then needed to switch to use App password?
Both the native Mail app and Outlook support modern auth/MFA, so you should be fine.
8 Replies
Both the native Mail app and Outlook support modern auth/MFA, so you should be fine.
VasilMichev - thx, why do I see a lot of entries in the CA insight, that phones are using legacy auth. ?
- Probably because of EAS.
Taen keren Hi, I usually don't work with these questions but, yes you're right as Outlook for iOS use modern authentication. When modern authentication is enabled app passwords aren't required.
ADAL-based authentication is what Outlook for iOS and Android uses to access Exchange Online mailboxes
https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/outlook-for-ios-and-android/setup-with-modern-authentication#modern-authenticationYou can enroll the devices with one-time MFA prompt, if that's what you are looking for.
'Require multi-factor authentication for Intune device enrollments'
https://docs.microsoft.com/en-us/mem/intune/enrollment/multi-factor-authentication
