AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Exchange activesync modern authentication12/20/2023 "Digest authentication" is an old challenge-and-response protocol for verifying user identities, according to Microsoft's glossary. A password spray attack is a method of trying weak passwords (such as "password" or "12345678") across an organization to gain a network foothold. Basic authentication should be blocked because it's subject to "brute force or password spray attacks," Microsoft explained. " Basic authentication" is just the requirement for a user name and password to verify access to Exchange e-mail. Windows authentication (NTLM and Kerberos).The old or "legacy" authentication protocols that Microsoft wants organizations to remove include the following, per the announcement: The "modern" part of "hybrid modern authentication" is a reference to client applications that use the Active Directory Authentication Library (ADAL) for sign-ins. The idea is to switch to using so-called "hybrid modern authentication" instead, which is deemed as being more secure.īy "hybrid," Microsoft typically means that an organization's servers connect in some way to Microsoft's "cloud"-based services, typically the Azure Active Directory identity provider service. The Exchange team, in a Friday announcement, explained how Exchange Server 2019 with Cumulative Update 2 (CU2) can help organizations rid themselves of old authentication protocols, which constitute a potential security risk.ĬU2, released this week, notably brings the ability to disable old authentication protocols organizationwide, which is a new capability.
0 Comments
Read More
Leave a Reply. |