Legacy authentication SHALL be blocked.

Why This Matters

Legacy authentication protocols like POP3, IMAP, SMTP, and basic authentication bypass modern security controls such as multifactor authentication (MFA) and conditional access. If an attacker compromises credentials for an application using legacy authentication, they can access mailboxes and other resources without additional verification. Blocking legacy authentication is a critical step in preventing credential-based attacks and enforcing your organization’s identity security policies.

What Aether365 Checks

This check verifies that legacy authentication is blocked for your Azure AD (Entra ID) tenant. It appears in the Aether365 dashboard under the entra-id checks section.