The countdown to end basic authentication is about to start, but too many email users remain unprepared.

A technology change three years in the making is finally about to start taking effect: the phasing out of ‘Basic Authentication’ for Outlook, Exchange Online and related services, replaced with a decidedly more modern approach to logging into email. Microsoft will specifically disable Basic Authentication for MAPI, RPC, Offline Address Book (OAB), Exchange Web Services (EWS), POP, IMAP, Exchange ActiveSync (EAS), and Remote PowerShell.

The length of the build-up to this was necessary: Outlook is estimated to have about 400 million users worldwide. Any change to the way they authenticate to their email service is just a massive undertaking. Add to that the anguish caused when users are locked out of their email accounts, and there is a lot riding on the change.

Microsoft is fully cognisant of the risks and challenges. “IT and change can be hard,” it said at the start of the month. The vendor also made another change of its own. While acknowledging the three years it has spent communicating the authentication switch, it noted there were still some customers that weren’t ready.

“This effort has taken three years from initial communication until now, and even that has not been enough time to ensure that all customers know about this change and take all necessary steps,” it said. “Despite multiple blog posts, Message Center posts, interruptions of service, and coverage via tweets, videos, conference presentations and more, some customers are still unaware this change is coming. There are also many customers aware of the deadline who simply haven’t done the necessary work to avoid an outage.”

The result is a bit of extra leeway to allow customers to make the switch to Modern Authentication, ahead of Microsoft switching off Basic Authentication. While this might buy some businesses a bit of extra time, it would be undesirable to have to avail oneself of this stopgap measure. Instead, it should be considered far more preferential to treat this as a last-ditch opportunity to expedite a review of your environment to determine if you have users likely to be impacted by the switch and, if so, to craft a transition strategy that ensures they can continue to communicate over email uninterrupted.

It’s worth contemplating why Microsoft is so keen to upgrade the authentication mechanisms for Outlook and Exchange Online in the first place.

Applications have traditionally been connecting to servers, services, and APIs using basic authentication - the practice of verifying the identity of a person connecting to a service or an application with a username and a password. These credentials are frequently saved on the user’s device as well.

As any security-conscious business knows, relying on passwords to protect access to business systems and data is no longer considered best practice. Instead, it opens organisations to a wide range of risks. Passwords are famous for being easily compromised or broken, and people tend to make errors such as sharing these credentials or using them across many platforms. In addition, managing all those passwords at an organisational level puts the burden on understaffed IT teams.

For would-be attackers, functional username-password combinations are trivial to obtain. Scammers often use phishing to trick users into handing over their basic authentication credentials. They also use sophisticated tools to carry out brute force attacks to create random passwords and determine your login details. Additionally, it is possible to use keyloggers to record each keystroke made on the keyboard.

Once a username and password have been obtained, every transaction conducted with the credentials will be treated as legitimate and valid, even if the credentials are in the wrong hands. The Verizon Data Breach Investigations Report 2022 indicates that compromised credentials account for 60% of successful data breaches. No surprise, then, that Microsoft is keen to enforce a new standard of login security when it comes to email accounts and tenants to raise the bar overall when it comes to user security. That raised bar is to be delivered through the adoption of Modern Authentication. This will inevitably involve the use of multiple factors but also be more dynamic as well as context-aware. Multi-factor authentication should be part of a modern authentication approach to protecting every employee. It asks people to authenticate with something they own - a smartphone or hardware authentication device - in addition to username and password.
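One way to run the environment review the article recommends is to tally which users still sign in successfully over the protocols Microsoft is disabling. The sketch below is an added example, not code from the article or from Microsoft; it assumes a sign-in log exported as one JSON object per line with `userPrincipalName`, `clientAppUsed` and `status.errorCode` fields, and the client-app labels in the mapping are assumptions to adjust to your own export.

```python
import json
from collections import defaultdict

# Protocols the article lists as losing Basic Authentication, keyed by the
# client-app label assumed to appear in the sign-in export (adjust to yours).
LEGACY_CLIENT_APPS = {
    "MAPI Over HTTP": "MAPI",
    "Outlook Anywhere (RPC over HTTP)": "RPC",
    "Offline Address Book": "OAB",
    "Exchange Web Services": "EWS",
    "POP3": "POP",
    "IMAP4": "IMAP",
    "Exchange ActiveSync": "EAS",
    "Exchange Online PowerShell": "Remote PowerShell",
}

# Constructed sample export (not real data): one JSON object per line.
SAMPLE_LOG = """\
{"userPrincipalName": "alice@example.com", "clientAppUsed": "IMAP4", "status": {"errorCode": 0}}
{"userPrincipalName": "Alice@Example.com", "clientAppUsed": "IMAP4", "status": {"errorCode": 0}}
{"userPrincipalName": "bob@example.com", "clientAppUsed": "Mobile Apps and Desktop clients", "status": {"errorCode": 0}}
{"userPrincipalName": "carol@example.com", "clientAppUsed": "Exchange ActiveSync", "status": {"errorCode": 0}}
{"userPrincipalName": "carol@example.com", "clientAppUsed": "POP3", "status": {"errorCode": 50126}}
{"userPrincipalName": "dave@example.com", "clientAppUsed": "Exchange Web Services"
"""

def affected_users(lines):
    """Return {user: {protocol: successful sign-in count}} for legacy protocols."""
    report = defaultdict(lambda: defaultdict(int))
    for raw in lines:
        try:
            event = json.loads(raw)
        except json.JSONDecodeError:
            continue  # skip blank, truncated or corrupt export lines
        if not isinstance(event, dict):
            continue
        protocol = LEGACY_CLIENT_APPS.get(event.get("clientAppUsed"))
        status = event.get("status") or {}
        # Only successful sign-ins show a client that works today and will break.
        if protocol is None or status.get("errorCode") != 0:
            continue
        user = str(event.get("userPrincipalName", "")).lower()
        if user:
            report[user][protocol] += 1
    return {user: dict(counts) for user, counts in report.items()}

if __name__ == "__main__":
    for user, protocols in sorted(affected_users(SAMPLE_LOG.splitlines()).items()):
        print(user, protocols)
```

Each user in the result needs a client that supports Modern Authentication before the cut-off; failed legacy sign-ins are left out here because they do not indicate a working client.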