Block Legacy Authentication for SharePoint


Microsoft Entra ID supports a wide range of authentication protocols, including legacy authentication, to provide simple access to cloud applications. According to Microsoft’s investigation, legacy authentication mechanisms are used in over 97% of credential stuffing attacks and over 99% of password spray attacks. If basic authentication were restricted or removed, these attacks would end.

The best approach to blocking legacy authentication is Microsoft Entra Conditional Access, but let’s see how to do it in a specific service such as SharePoint Online.

Go to SharePoint admin center:

https://YourTenantName-admin.sharepoint.com/_layouts/15/online/AdminHome.aspx#/home

Go to Policies, Access control, Apps that don’t use modern authentication.

Select Block access and click Save.

Some third-party apps and previous versions of Office can’t enforce device-based restrictions. Use this setting to block all access from these apps.
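
The same setting can be applied and verified from the SharePoint Online Management Shell. This is an added example, not part of the original post; it assumes the Microsoft.Online.SharePoint.PowerShell module is installed and a SharePoint administrator account, and `YourTenantName` is a placeholder as in the URL above.

```powershell
# Added example: block legacy authentication tenant-wide for SharePoint Online.
# Assumption: 'YourTenantName' is a placeholder, as in the admin center URL above.
param(
    [string]$TenantName = 'YourTenantName'
)

$ErrorActionPreference = 'Stop'

# The SharePoint Online Management Shell module provides the SPO cmdlets.
if (-not (Get-Module -ListAvailable -Name Microsoft.Online.SharePoint.PowerShell)) {
    throw 'Install the module first: Install-Module Microsoft.Online.SharePoint.PowerShell'
}
Import-Module Microsoft.Online.SharePoint.PowerShell -DisableNameChecking

# Interactive sign-in against the tenant admin endpoint.
Connect-SPOService -Url "https://${TenantName}-admin.sharepoint.com"

try {
    # Record the current state so the change can be documented or rolled back.
    $before = (Get-SPOTenant).LegacyAuthProtocolsEnabled
    Write-Host "LegacyAuthProtocolsEnabled before change: $before"

    if ($before) {
        # $false is the equivalent of selecting "Block access" under
        # "Apps that don't use modern authentication" in the admin center.
        Set-SPOTenant -LegacyAuthProtocolsEnabled $false
    }

    # Read the value back instead of trusting the write.
    $after = (Get-SPOTenant).LegacyAuthProtocolsEnabled
    if ($after) {
        throw 'Legacy authentication is still enabled for SharePoint Online.'
    }
    Write-Host 'Legacy authentication is blocked for SharePoint Online.'
}
finally {
    # Always drop the admin session, even if a step above failed.
    Disconnect-SPOService
}
```

Running it a second time makes no change and only reports the current value, so it can double as a periodic configuration check.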

More info:

https://learn.microsoft.com/en-us/entra/identity/conditional-access/block-legacy-authentication
