Legacy Authentication (Exchange) [CHK-1325]
This check verifies whether legacy authentication is disabled in Exchange Online.
Rationale
Legacy authentication protocols, used by outdated client software like Outlook 2013, do not support multi-factor authentication (MFA). This makes it easier for attackers to gain access, because they can log in to your tenant through these outdated protocols without MFA. Blocking legacy authentication increases security.
Fix
An automated fix is available through Attic. If legacy authentication is not blocked, disable legacy authentication protocols for all users.
Manual steps:
- Enable Security Defaults (see Check-1127).
- Follow the instructions in the Microsoft documentation.
Impact
Legacy authentication protocols are either actively blocked (Okay) or not blocked (Critical).
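One way to evaluate this state by hand is to inspect Exchange Online authentication policies. The PowerShell below is an added example, not Attic's own check logic or code from this page. The function name Test-LegacyAuthBlocked, the choice to treat a missing organization default policy as a finding, and the sample data are assumptions of the example.

```powershell
# Live input (assumes the ExchangeOnlineManagement module and an active Connect-ExchangeOnline session):
#   $policies = Get-AuthenticationPolicy
#   $default  = (Get-OrganizationConfig).DefaultAuthenticationPolicy
#   $users    = Get-User -ResultSize Unlimited | Select-Object Name, AuthenticationPolicy
function Test-LegacyAuthBlocked {   # hypothetical helper name
    param([object[]]$Policies, [string]$DefaultPolicy, [object[]]$Users)
    $findings = @()
    # Policy name -> AllowBasicAuth* switches that are still enabled
    $open = @{}
    foreach ($p in $Policies) {
        $open[$p.Name] = @($p.PSObject.Properties |
            Where-Object { $_.Name -like 'AllowBasicAuth*' -and $_.Value -eq $true } |
            ForEach-Object { $_.Name })
    }
    if ([string]::IsNullOrEmpty($DefaultPolicy) -or -not $open.ContainsKey($DefaultPolicy)) {
        $findings += 'No organization default authentication policy is set'
    } elseif ($open[$DefaultPolicy].Count -gt 0) {
        $findings += "Default policy '$DefaultPolicy' allows: $($open[$DefaultPolicy] -join ', ')"
    }
    # A policy assigned to a user takes precedence over the organization default
    foreach ($u in $Users | Where-Object { $_.AuthenticationPolicy }) {
        $name = [string]$u.AuthenticationPolicy
        if (-not $open.ContainsKey($name)) {
            $findings += "User '$($u.Name)' references unknown policy '$name'"
        } elseif ($open[$name].Count -gt 0) {
            $findings += "User '$($u.Name)' override '$name' allows: $($open[$name] -join ', ')"
        }
    }
    [pscustomobject]@{
        Status   = if ($findings.Count) { 'Critical' } else { 'Okay' }
        Findings = $findings
    }
}

# Constructed sample data (not from a real tenant)
$policies = @(
    [pscustomobject]@{ Name='Block Basic Auth'; AllowBasicAuthImap=$false; AllowBasicAuthPop=$false; AllowBasicAuthSmtp=$false }
    [pscustomobject]@{ Name='Legacy Scanner';   AllowBasicAuthImap=$false; AllowBasicAuthPop=$false; AllowBasicAuthSmtp=$true }
)
$users = @(
    [pscustomobject]@{ Name='alice';   AuthenticationPolicy=$null }
    [pscustomobject]@{ Name='scanner'; AuthenticationPolicy='Legacy Scanner' }
)
Test-LegacyAuthBlocked -Policies $policies -DefaultPolicy 'Block Basic Auth' -Users $users | Format-List
```

The sample shows the case a default-only review misses: the organization default blocks everything, but one account carries a per-user policy that re-enables a legacy protocol.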
More Information
This measure aligns with the Center for Internet Security (CIS) Microsoft 365 Foundations Benchmark: CIS M365 1.1.6 - (L1) Enable Conditional Access policies to block legacy authentication.