Microsoft offers various services to fulfill users’ and organizations’ requirements. These services are widely used because they are highly available. There can be security issues due to the number of large users and the chance of data breaches. So, Microsoft introduced modern authentication to overcome security issues and data breaches to improve the security of Office 365.
This method requires additional authentication instead of using the username and password used in the basic authentication method. It offers various benefits and is enabled by default for the tenants created since 2017. To use Office Numbers apps, only the specified login method is required. For older Office versions, modern authentication can be manually enabled.
What is Modern Authentication in Office 365?
Modern authentication is a critical security update for Office 365 users. It enhances security by replacing basic authentication with modern authentication features. Overcomes drawbacks of basic authentication by providing a multi-layer-secured approach.
It uses a combination of authentication and authorization techniques to access Office 365 resources securely. These techniques help users and organizations secure their data against unauthorized logins and breaches.
It allows users to apply various authentication features which include MFA (Multi-factor Authentication), CBA (Certificate-based Authentication), smart cards, and third-party SAML identity providers. It is based on the ADAL (Active Directory Authentication Library) and OAuth 2.0.
- Active Directory Authentication Library- It is a library designed by Microsoft to use with Azure AD. It uses tokens for authentication and refreshes the tokens when they expire. Also, helps in handling user’s authentication flows by using Single-Sign-On(SSO).
- OAuth 2.0- It is a protocol designed for authorization. It allows users to access applications on their behalf and there is no need to store users’ passwords. It also defines the level of access for an application to the resources.
Importance of Modern Authentication in Office 365
Basic authentication only uses usernames and passwords, which can make it easy for attackers to perform data breaches and other malicious activities. So, to avoid such potential security risks, Microsoft has introduced a modern authentication method. Modern authentication uses more secure approaches to secure the data. Below are some factors that determine the need for modern authentication.
Multi-Factor Authentication
- Adds an extra layer of security by adding a second verification factor to access data. It includes verification through email, phone, etc. alongside the username and password.
- It provides specific security requirements based on the user’s location, type of devices, and services or applications used.
Reduced Security Risks
- It eliminates the risk of stealing the user’s login credentials.
- Modern authentication makes it challenging for attackers to steal user’s credentials and access Office 365 data.
Enhanced Security For Organization
- Secures the organization’s future by reducing security risks and ease of use for Office 365.
- Provides an extra layer of security when employees are working from remote locations or using personal devices.
Disadvantages of Not Enabling Modern Authentication
- Users with malicious intentions can easily access your Office 365 account, as it is secured only by basic authentication using a username and password.
- Attackers can easily steal and breach weaker login security methods used in basic authentication for easier login access.
- Users cannot set specific security requirements based on factors like device location and type of device.
Also Read: How do I Send an Encrypted Email in Outlook?
How to Enable Modern Authentication in Microsoft 365?
There are two methods to enable modern authentication in Office 365. Below are the steps for both methods discussed.
Method 1. Enable Modern Authentication Using Microsoft 365 Admin Center
- Step 1. Sign in to your Microsoft Admin Center using admin credentials.
- Step 2. Choose the left navigation pane to expand settings and click on Org Settings.
- Step 3. Navigate to Services and choose Modern Authentication.
- Step 4. Select the checkbox saying “Turn on Modern Authentication for Outlook 2013 for Windows and later”.
- Step 5. Click Save to enable modern authentication.
Method 2. Using Exchange Online Powershell in Windows
Step 1. Open Windows Powershell as an administrator. Connect to Exchange Online Powershell using the below command:
Import-Module ExchangeOnlineManagement Connect-ExchangeOnline -UserPrincipalName <UPN>
Step 2. Enable Modern Authentication by executing the below command:
Set-OrganizationConfig -OAuth2ClientProfileEnabled $true
Step 3. For successful activation of Modern authentication run the following command:
Get-OrganizationConfig | Format-Table Name,OAuth* -Auto
How to Disable Modern Authentication in Exchange Online?
By following the same steps as mentioned above you can turn off or disable the modern authentication. Check out the below steps:
Method 1. Enable Modern Authentication Using Microsoft 365 Admin Center
- Step 1. Sign in to your Microsoft Admin Center using admin credentials.
- Step 2. Navigation to Settings >> Org Settings.
- Step 3. Navigate to Services >> Modern Authentication.
- Step 4. Select the checkbox saying Turn Off Modern Authentication.
- Step 5. Click Save.
Method 2. Disable Using Powershell
Disable the modern authentication by executing the below command:
Set-OrganizationConfig -OAuth2ClientProfileEnabled $false
Conclusion
In this article, we explored modern authentication and its importance for organizations. The steps to enable or disable modern authentication in Office 365 using two methods, and also discussed the disadvantages of not enabling it.
Enabling modern authentication in Office 365 will help enhance your organization’s security and provide a better user experience. So, to take the benefits of modern authentication in Office 365, follow the steps discussed in this guide. This will improve your organization’s security by enabling features like multi-factor authentication.
FAQs
1. What is Modern Authentication in Office 365?
Modern authentication is a powerful method provided by Microsoft that provides features like identity management for more secure user authentication and access authorization. It makes access secure when users access information from a server.
2. How do I enable authenticator in Office 365?
- Sign in to your account using your credentials and navigate to your My Account portal.
- Choose the “Security info” option from the left menu or use the link in the Security info pane.
- Navigate to the “Add a Method page”, choose the “Authenticator app” from the list, and then select “Add”.
3. Why might users not see Modern Authentication prompts?
Outdated client applications can be the reason, so users might not see Modern Authentication prompts because the required registry keys did not work for older versions of Outlook. Another reason can be improper enabling of Modern Authentication in the admin settings.
4. How does Modern Authentication enhance security?
It enhances overall security because it supports multi-factor authentication, so it protects against unauthorized security attacks. MFA requires users to verify their identity by following various methods. It also enables admins to implement control access policies based on criteria like location, etc.