If a complex password is required, birthdays, anniversaries and similar dates are integrated into the above pattern.Passwords are often terms from the user’s personal life, such as the name of their partner/spouse, their children, or their favorite free time activity.Users prevent “forgotten passwords” through Post-Its.This results in several vulnerabilities of the widely deployed Basic Authentication: Because Basic Authentication has also suffered this fate (for many years now). And that’s exactly what makes them problematic. Things that we are used to, because they are widely used, often become the target of hacker attacks (targeted and untargeted). These are, for example, access to webmail services, shopping portals or other online services. People are used to logging in with a user name and password, something that is used in many situations. Of course, an extra login server could be interposed, for example an Active Directory Domain Controller, but the principle remains unchanged: Basic Authentication login process The following image illustrates the authentication process schematically.
This choice of words (consciously or unconsciously) emphasizes the age of this method. Basic Authentication is often also called Legacy Authentication. There is no need for an additional logon factor, for example SMS code or confirmation by an additional action on the mobile device. In simple terms, basic authentication is logging in with just a user name and password. But what exactly does this mean for customers? Who is affected? In this article we explain the situation in detail, who is affected by this change (and who is not) and what you can do to ensure that this global shutdown does not cause any problems for you. Microsoft has been announcing this for a long time, and now it has finally happened. Deprecation of Basic Authentication in Office 365 (Exchange Online) is near.
0 kommentar(er)
