I have read several articles about disabling legacy auth and still other articles about disabling legacy protocols. I'm confused how these two are related.
Is it possible to disable legacy protocols without enabling modern authentication? Are the two the same thing?
In the O365 secure score there used to be (I don't see it now) a action for disabling legacy protocols.
FletcherKevin-4084 Legacy authentication refers to legacy protocols that use basic authentication. Azure AD supports variety of authentication protocols including legacy authentication. However, legacy protocols don’t support multi-factor authentication (MFA) and other features. Read all about these modern protocols here. Legacy and modern authentication/protocols are not the same. You may disable legacy authentication/protocol, however, you would still need modern authentication/protocols enabled.
BijuThankappan-5910
Thank you. To clarify... I cannot disable legacy protocols without enabling modern authentication. Correct?
Modern authentication is enabled by default and preferred by default. It's just about applications if they support modern authentication (so it's used) or not. So if you don't have applications that don't support modern authentication, then you don't need basic/legacy authentication and you should disable it.
1 Person is following this question.
