As mentioned in the title, we will discuss legacy authentication, what it is, why we should block legacy authentication, and how to do it. Let's begin!
What is legacy authentication?
Legacy authentication protocols are the basic protocols used by old office client applications. These are authentication methods commonly used by mail protocols such as IMAP, SMTP, POP3, Autodicover etc. These protocols are mainly used by old office365 client applications such as Outlook 2010.
These protocols do not support or enforce Multi-factor authentication attackers, therefore, prefer these entry points to attack your organization.
Below protocols are considered as legacy authentication protocols.
Exchange Online PowerShell
Exchange Web Services
MAPI over HTTP
OAB (Offline Address Book)
Reporting Web Services