Modern Authentication in SharePoint [CHK-1523]
This customer check verifies if modern authentication is enabled in your Microsoft environment.
Rationale
Enabling modern authentication enhances the security of your tenant by allowing multi-factor authentication (MFA). Legacy authentication, which does not support MFA and relies on an outdated username and password screen, poses potential security risks.
Fix
An automated fix is available through Attic.
Manual steps:
- Navigate to SharePoint admin center at https://admin.microsoft.com/sharepoint
- Go to Policies > Access control
- Click on "Apps that don't use modern authentication"
- Select "Block access"
- Click "Save"
Impact
If the check results in a warning, we advise enforcing modern authentication and disabling legacy authentication.
More Information
This measure aligns with the following item from the Center for Internet Security (CIS) Microsoft 365 Foundations Benchmark:
- CIS M365 1.4 - (L1) Ensure modern authentication for SharePoint applications is enabled