The Modern Authentication feature improves client security with single sign-on and multifactor authentication options.
Microsoft is changing the way Outlook users connect to Exchange Servers, moving away from traditional methods, such as Windows authentication or storing a plain-text username and password, and moving toward the cloud.
Modern Authentication is a new feature that can benefit organizations that require true single sign-on within the Outlook client or real multifactor authentication. It integrates browser-based authentication into Outlook and other Office clients and allows the client to use Open Authorization-based authentication to Office 365.
Using browser-based authentication within the client has a number of immediate benefits.
- Active Directory Federation Services (AD FS) end users can achieve true single sign-on within Outlook on domain-joined computers.
- Admins can enable multifactor authentication (MFA), and Outlook can prompt end users for a second authentication factor.
- The password is never stored on the Windows PC.
Since Office 365 first became available, it hasn’t been possible to avoid end users needing to enter their passwords when configuring Outlook with Exchange Online. Admittedly, this is a minor inconvenience as the password can be stored on the client. Never having to prompt end users for credentials will ease an email migration to Office 365.