cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Basic Authentication will be deprecated

StephanGee
Steel Contributor

‎Nov 03 2022 12:49 AM

‎Nov 03 2022 12:49 AM

Basic Authentication will be deprecated

Hi everyone,

 

we got the news today for our M365 Apps.

"You are receiving this message because our reporting indicates one or more users in your organization are using basic authentication to access resources."

---

How can we find out which services/endpoints are using basic auth?

We are having hundreds of customer systems we connect to and do not manage.

Basic authentication sign-in prompts are blocked by default in Microsoft 365 Apps - Deploy Office | ...

 

BR

Stephan

1,833 Views
0 Likes
4 Replies
Reply
4 Replies
pLapkowski

‎Nov 04 2022 12:35 AM - edited ‎Nov 04 2022 12:49 AM

‎Nov 04 2022 12:35 AM - edited ‎Nov 04 2022 12:49 AM

Re: Basic Authentication will be deprecated

1. Sign-ins using legacy authentication workbook --> https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/workbook-legacy%20authen...
2. Identify legacy authentication use --> https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/block-legacy-authenticat...

OLD but very good

3. New tools to block legacy authentication in your organization ---> https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/new-tools-to-block-legacy-authe...

 

0 Likes
Reply
StephanGee

‎Nov 08 2022 05:29 AM

‎Nov 08 2022 05:29 AM

Re: Basic Authentication will be deprecated

Thanks but it does not cover "other tenants" or other services. I only can see my tenant.
We already blocked basic auth some time ago.
But our customers may not - how can i found out if that is the case?
0 Likes
Reply
ChristianJBergstrom

‎Nov 08 2022 07:52 AM

‎Nov 08 2022 07:52 AM

Re: Basic Authentication will be deprecated

@StephanGee Not sure I understand. You manage your own tenant and how the authentication works for incoming connections/sign-ins, i.e. What you allow or not. You might have blocked legacy authentication with CA and/or with the Authentication policy? Conditional Access policies are enforced after first-factor authentication is completed. If you implement Authentication policies (from the M365 admin portal or New/Set-Authentication policy, you stop connections before a sign-in can be attempted.

0 Likes
Reply