Customers that have disabled Basic Authentication have experienced 67 percent fewer compromises than those who still use it. The same study found that over 97 percent of credential-stuffing attacks also use legacy authentication. Our own research found that more than 99 percent of password spray attacks leverage the presence of Basic Authentication. This is particularly beneficial for small and medium-sized businesses that don’t have dedicated security staff. Moving your Exchange Online organization from Basic Authentication to the more secure OAuth 2.0 token-based authentication (or Modern Authentication) enables stronger protection and the ability to use features like multifactor authentication (MFA).
In addition, the FBI’s Internet Crime Complaint Center (IC3) received 19,954 business email compromise (BEC) and email account compromise (EAC) complaints with adjusted losses at nearly USD2.4 billion. There are 921 password attacks every second, almost doubling the frequency of attacks from 2021. Email remains essential for sales, productivity, and confidential communication in business, and using Basic Authentication puts companies at greater risk of data breaches and email disruption. Securing email has never been more critical. We have also worked with partners to help our mutual customers turn off Basic Authentication and implement Modern Authentication. My work has enabled Modern Authentication with Exchange Online and that appears to pass my Windows credentials to Exchange when Im using the Outlook client without requiring me to explicitly enter my credentials for the Outlook client. Since we announced our intent to deprecate Basic Authentication in 2019, we have helped millions of Exchange Online users move to Modern Authentication.
0 kommentar(er)
