Understanding Modern Authentication
At the beginning of the month, Microsoft switched from Basic Authentication in Exchange Online to Modern Authentication, also known as OAuth 2. The switch to Modern Authentication ensures that user accounts and the data they contain are far better protected than with Basic Authentication. In addition, Modern Authentication can improve the user experience.
Modern Authentication is the term Microsoft uses to refer to their implementation of the OAuth 2.0 authorization framework for client/server authentication. Modern Authentication leverages Active Directory Authentication Libraries (ADAL) to enable applications to support sign-in features like two-factor authentication (2FA/MFA) and Smart card + Certificate-based Authentication.
OAuth 2.0 also includes the use of access and refresh tokens to validate the authentication requests and reduce the number of times users receive a prompt to re-authenticate with primary credentials and performs two factor authentication.
Modern Authentication is crucial authentication for cloud applications. Modern Authentication protects the cloud by defining what those users can do once inside and where those permissions end. It customizes user-based security controls across platforms and streamlines access approach.
Other benefits of modern authorization include:
- Customizable: Access policies can be fine-tuned to a user’s needs and the sensitivity of the data being protected.
- Streamlined: Admins configure all policies at one centralized location.
- User-Friendly: The identity provider acts as a hub, allowing users to access multiple systems using minimal apps. It combines the simplicity of Single Sign-On (SSO) with conditional access, allowing for multiple user authentication journeys.
Modern authentication not only complements legacy authentication’s ability to verify a user’s identity but maintain a zero-trust environment as well. A user can only access what they need while maintaining security and convenience.
If you need help configuring Modern Authentication within your organization, give us a call today. 2W Tech is a technology solutions provider and a Microsoft Gold Partner. We have IT Consultants on staff that specialize in Microsoft 365 and security solutions and can help ensure your business and users are protected from outside threats.
During Cybersecurity Awareness Month, Strengthen Your Passwords