in

What Is Microsoft Modern Authentication? [#1 Answer]

For years, Windows (and other systems) have relied on protocols like CHAP, NTLM, and Kerberos, which don’t work particularly well over the internet. Basic authentication, which is very straightforward, would be used to authenticate for accessing internet resources. Password and username were stored in one header field in plain text. They also had base64 encryption. For this reason, Basic Auth needed to be combined with SSL to encrypt the headers (Remember the adage: NEVER authenticate to a website that is not SSL protected) and protect the user’s credentials. There are still vulnerabilities in Basic Auth even if HTTPS is being used. The first is that the authentication header will be sent along with every request. This means there is virtually unlimited opportunity for credentials to be stolen. Second, the password will be cached (and possibly permanently stored) within the browser, creating another surface for compromise 😁 Additionally, the entire basis of basic authentication is predicated on a very simplistic and archaic usernamepassword architecture that Microsoft is trying to eliminate 👍 [1]
Modern AuthenticationModern Authentication does not consist of a single method of authentication. It is a group of protocols designed to improve the security of cloud-based resources. OAuth, WS-Federation and SAML are examples of Modern Authentication protocol. Although each protocol is different, all of them aim to abandon the username-password approach and instead use token-based claims. The username and password are still required for authorization with identity providers to obtain a token to access the account. A claim is a form of more detailed information that describes the rights and responsibilities of the requestor. Jennifer Young, Dali (China) on July 8, 2020 edited this text. [2]
Image #2
Modern Authentication for PowerShell, however, is currently in Public Preview. This can be enabled for tenants, but there is very little support. Modern authentication can only be enabled with ADFS 3.0. This feature is available only in Windows Server 2012 R2 (and Windows Server 2016). ADFS 2.1 for Windows Server 2012 and ADFS 2.0 for Windows Server 2008/2008R2 are not supported. This means that you’ll need to update to be able to use this feature. Modern Authentication requires ADFS 3.0. Modern Authentication cannot be used if you use Password Synchronization and Cloud Identity only as your authentication method to Office 365. This was last revised on April 20, 2019, by Andrell Ruth (Valencia, Venezuela). [3]
Image #3
Mailstore.com This article explains how Basic Authentication works. Let’s look at an example. Let’s say you are flying to another country and then get off the plane at the border. And now let’s pretend that the process works a bit different than you are used to. Instead of showing your passport, you tell the security officer: “Hi, my name is John Doe, my password is XYZ and I’m originally from Germany”. With this information, the security officer gives the national authorities in Germany a call and explains the following: “There’s a guy at my desk who wants to enter our country. He says he’s from Germany, his name is John Doe and his password is XYZ. Is that correct?”. It is confirmed by the authorities who verify it. This is how the security officer is happy to tell you that your information is correct and you’re allowed to enter the country. Such a procedure at the border control wouldn’t feel quite right, would it? So, what’s wrong with this approach? The first is that there is no extra check like an additional passport with more information such as a photo. The security agent would not be able to tell if you’re the one you say you are. Anybody who has access to your password and name could pose as you. The second step is to reveal information you believe to be private to someone and to trust the security guard. Basic authentication works in the digital age. [4]
Image #4

Refer to the Article

  1. https://www.kraftkennedy.com/modern-authentication-vs-basic-authentication/
  2. https://blog.matrixpost.net/modern-authentication-office-365/
  3. https://www.sparkhound.com/blog/office-365-modern-authentication
  4. https://www.mailstore.com/en/blog/why-you-should-use-modern-authentication/
Mae Chow

Written by Mae Chow

Passionate about writing and studying Chinese, I blog about anything from fashion to food. And of course, study chinese! I'm a passionate blogger and life enthusiast who loves to share my thoughts, views and opinions with the world. I share things that are close to my heart as well as topics from all over the world.

Why Is Turkey The Main Dish For Thanksgiving? [TOP ANSWER!]

Where Does Chile Get Its Drinking Water? [Solved]