
In a significant move to bolster cloud security, Microsoft 365 is now defaulting to a more secure posture by blocking legacy authentication protocols for accessing files stored in SharePoint Online and OneDrive for Business. This strategic shift aims to protect organizations from common, yet effective, attack vectors like password spray attacks, which often exploit these older, less secure methods.
Legacy authentication includes protocols such as POP, IMAP, and older versions of Exchange ActiveSync and MAPI that predate modern authentication standards. Modern authentication uses OAuth 2.0 and supports controls such as Multi-Factor Authentication (MFA); legacy protocols typically present the user's credentials directly with each connection and cannot enforce MFA, which is what makes them a preferred target for password spray.
This change primarily impacts clients attempting to access files via Microsoft 365 Apps (Office clients) and other applications configured to use these older protocols. For new Microsoft 365 tenants, this block is already the default setting, ensuring a higher security standard from day one. For existing tenants, Microsoft is actively rolling out this default block, gradually disabling legacy authentication for file access.
Organizations still relying on legacy authentication for file access are strongly urged to migrate to modern authentication as soon as possible. This involves updating client applications to versions that support modern methods and ensuring user accounts are configured appropriately. Implementing Conditional Access policies in Azure AD is the recommended way to granularly control and block legacy authentication across the tenant, providing a flexible and powerful security layer.
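Before enforcing a block, administrators usually want to know which users and client protocols still sign in with legacy authentication, and then create the Conditional Access policy described above. The following Python script is an added example, not code from the article or from Microsoft: it scans a constructed sample of sign-in records shaped like the Microsoft Graph `signIn` resource (the `clientAppUsed` field is the real log field; the sample users, apps and counts are invented) and builds the request body for a Conditional Access policy that blocks the `exchangeActiveSync` and `other` client app types. The policy defaults to report-only mode so its impact can be reviewed in the sign-in logs before it is switched to enforced.

```python
import json
from collections import Counter, defaultdict

# Values of the Entra ID sign-in log field "clientAppUsed" that indicate
# legacy (basic) authentication. Any other value is treated as modern auth.
LEGACY_CLIENT_APPS = {
    "Exchange ActiveSync",
    "IMAP4",
    "POP3",
    "Authenticated SMTP",
    "Other clients",
}

# Constructed sample sign-in records (field names follow the Graph signIn
# resource, trimmed to what is used here; none of this is real tenant data).
SAMPLE_SIGNINS = json.loads("""
[
 {"userPrincipalName": "alice@example.com", "appDisplayName": "Office 365 SharePoint Online",
  "clientAppUsed": "Browser", "status": {"errorCode": 0}},
 {"userPrincipalName": "bob@example.com", "appDisplayName": "Office 365 SharePoint Online",
  "clientAppUsed": "Other clients", "status": {"errorCode": 0}},
 {"userPrincipalName": "bob@example.com", "appDisplayName": "Office 365 Exchange Online",
  "clientAppUsed": "IMAP4", "status": {"errorCode": 0}},
 {"userPrincipalName": "carol@example.com", "appDisplayName": "Office 365 Exchange Online",
  "clientAppUsed": "Exchange ActiveSync", "status": {"errorCode": 50126}},
 {"userPrincipalName": "dave@example.com", "appDisplayName": "Office 365 SharePoint Online",
  "clientAppUsed": "Mobile Apps and Desktop clients", "status": {"errorCode": 0}}
]
""")


def is_legacy_auth(signin: dict) -> bool:
    """True when the sign-in was made with a legacy authentication client."""
    return signin.get("clientAppUsed") in LEGACY_CLIENT_APPS


def legacy_auth_report(signins):
    """Summarise which users and client protocols still rely on legacy auth.

    Failed legacy sign-ins are counted separately: a burst of failures over a
    legacy protocol is the usual footprint of a password spray, and is worth
    seeing while the block is still in report-only mode.
    """
    by_user = defaultdict(Counter)
    failures = Counter()
    for s in signins:
        if not is_legacy_auth(s):
            continue
        by_user[s["userPrincipalName"]][s["clientAppUsed"]] += 1
        if s.get("status", {}).get("errorCode", 0) != 0:
            failures[s["clientAppUsed"]] += 1
    return {
        "users": {user: dict(apps) for user, apps in by_user.items()},
        "failed_legacy_signins": dict(failures),
    }


def block_legacy_auth_policy(display_name="Block legacy authentication",
                             state="enabledForReportingButNotEnforced"):
    """Request body for the Graph conditionalAccess/policies endpoint.

    clientAppTypes "exchangeActiveSync" and "other" together cover every
    legacy authentication client; "browser" and "mobileAppsAndDesktopClients"
    (modern auth) are deliberately left out so they are unaffected.
    Start in report-only ("enabledForReportingButNotEnforced") and change the
    state to "enabled" once the report above shows no remaining legacy use.
    """
    return {
        "displayName": display_name,
        "state": state,
        "conditions": {
            "users": {"includeUsers": ["All"]},
            "applications": {"includeApplications": ["All"]},
            "clientAppTypes": ["exchangeActiveSync", "other"],
        },
        "grantControls": {"operator": "OR", "builtInControls": ["block"]},
    }


if __name__ == "__main__":
    print(json.dumps(legacy_auth_report(SAMPLE_SIGNINS), indent=2))
    print(json.dumps(block_legacy_auth_policy(), indent=2))
```

In a real tenant the records would come from the Graph sign-in log query (`/auditLogs/signIns`) or an exported CSV rather than the embedded sample, and the policy body would be posted with an account holding the Conditional Access administrator role. Excluding a break-glass account from the policy before enforcing it is the usual precaution.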
By defaulting to blocking legacy authentication, Microsoft is helping organizations enhance their overall security posture and significantly reduce the risk of breaches stemming from credential theft and replay attacks. This proactive step is crucial for maintaining a secure cloud environment in the face of evolving cyber threats. Ensuring your organization is aligned with this change is a fundamental step towards a more resilient security framework.
Source: https://www.bleepingcomputer.com/news/microsoft/microsoft-365-to-block-file-access-via-legacy-auth-protocols-by-default/