Basic Authentication and Exchange Online: February 2020 Update
As technology continues to evolve, so do the authentication protocols used to keep your data secure. This is especially true in the cloud space, where strong authentication is essential for protecting your data and preventing unauthorized access. With this in mind, Microsoft has been working to improve the security of its Exchange Online service by transitioning away from basic authentication and introducing modern authentication.
What is Basic Authentication?
Basic authentication is an authentication protocol often used to authenticate users to websites and other services. It sends a username and password as a set of unencrypted base64-encoded text strings, which can be easily decoded by anyone with access to the network. This makes basic authentication an insecure protocol and is not recommended for use in a production environment.
What is Modern Authentication?
Modern authentication is an authentication protocol based on OAuth 2.0 and OpenID Connect. It provides a secure way to authenticate users to applications and services, while also providing additional security features such as multi-factor authentication (MFA). Modern authentication is becoming increasingly popular as organizations move to the cloud and is the recommended authentication protocol for Exchange Online.
The Transition to Modern Authentication
Microsoft has been gradually transitioning Exchange Online to modern authentication, starting with the Office 365 tenant level and then moving to individual users. As of February 2020, Microsoft has officially completed the transition of Exchange Online to modern authentication. This means that all users must now use modern authentication when connecting to Exchange Online.
The Benefits of Modern Authentication
Modern authentication provides a number of benefits over basic authentication, including:
* Improved security – Modern authentication is based on OAuth 2.0 and OpenID Connect, which are much more secure than basic authentication.
* Multi-factor authentication – Modern authentication supports multi-factor authentication (MFA), which can significantly reduce the risk of unauthorized access.
* Better user experience – Modern authentication provides a better user experience by allowing users to authenticate with their existing credentials, such as a Microsoft account.
How to Implement Modern Authentication
Modern authentication can be implemented in a number of ways, depending on your individual requirements. Here are some of the most common methods:
* Integrated Windows Authentication (IWA) – IWA is an authentication method that uses Windows credentials to authenticate users. This can be used in conjunction with modern authentication to provide an additional layer of security.
* Microsoft App Registration Portal – The Microsoft App Registration Portal allows you to register applications for use with modern authentication. This provides an easy way to enable modern authentication for your applications.
* ADFS – ADFS is an authentication service that allows you to set up modern authentication for users in your organization. It also provides a single sign-on experience for users.
Conclusion
Modern authentication is an essential part of keeping your data secure in the cloud. Microsoft has officially transitioned Exchange Online to modern authentication, providing improved security, better user experience and the ability to use multi-factor authentication. There are a number of ways to implement modern authentication, depending on your individual requirements. If you are using Exchange Online, it is important to ensure that you have implemented modern authentication in order to keep your data secure.
References:
Basic Auth and Exchange Online – February 2020 Update
