
Starting in mid-July 2025, Microsoft will begin automatically blocking legacy authentication protocols in Microsoft 365, with full enforcement expected by August 2025. This update addresses critical vulnerabilities frequently exploited by cyber criminals for brute-force attacks and unauthorised access attempts. 

Key Changes: 

  • Blocking RPS (Relying Party Suite) for SharePoint and OneDrive browser authentication.
  • Disabling FPRPC (FrontPage Remote Procedure Call) protocol for Office file access.
  • Mandatory admin consent for third-party application access.

Over 99% of password spray and over 97% of credential stuffing attacks arise from legacy authentication protocols. Azure AD accounts that have disabled legacy authentication experience 67% fewer compromises than those that still allow it.

Legacy authentication protocols remain vulnerable because they cannot support multi-factor authentication (MFA) and make systems susceptible to credential theft, phishing, and brute-force attacks. 

Immediate Recommendations  

  1. Inventory Assessment: Identify applications using legacy authentication.
  2. User Communication: Notify stakeholders about the upcoming changes.
  3. Application Updates: Transition to modern authentication methods.
  4. Testing: Validate that critical applications will still function after the update.
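The inventory step is easiest to start from the tenant's sign-in logs, because every legacy sign-in is recorded with the protocol the client used. The following is an added example, not code from the original post or from Microsoft: it takes records in the shape of an Entra ID (Azure AD) sign-in log export, where each record carries a `clientAppUsed` field, and groups the legacy ones by application and protocol so you know which integrations and which accounts to contact. The sample export is constructed, and the assumption that only "Browser" and "Mobile Apps and Desktop clients" represent modern (OAuth 2.0 / OpenID Connect) flows should be checked against the values your own tenant reports.

```python
"""Inventory of legacy-authentication usage from an exported sign-in log.

Added example (not from the original post). Record shape follows an
Entra ID / Azure AD sign-in export; the modern/legacy split below is an
assumption based on the client names Microsoft reports in clientAppUsed.
"""
from collections import defaultdict
import json

# Client types that use modern auth flows and can therefore be challenged
# for MFA. Anything else (IMAP4, POP3, SMTP, "Other clients", ...) is legacy.
MODERN_CLIENT_APPS = {"Browser", "Mobile Apps and Desktop clients"}

# Constructed sample export (not real tenant data).
SAMPLE_SIGNIN_EXPORT = json.dumps([
    {"userPrincipalName": "alice@example.com", "appDisplayName": "Office 365 Exchange Online",
     "clientAppUsed": "IMAP4", "status": {"errorCode": 0}},
    {"userPrincipalName": "bob@example.com", "appDisplayName": "Office 365 Exchange Online",
     "clientAppUsed": "Authenticated SMTP", "status": {"errorCode": 0}},
    {"userPrincipalName": "svc-scanner@example.com", "appDisplayName": "Office 365 Exchange Online",
     "clientAppUsed": "Authenticated SMTP", "status": {"errorCode": 0}},
    {"userPrincipalName": "carol@example.com", "appDisplayName": "Office 365 SharePoint Online",
     "clientAppUsed": "Other clients", "status": {"errorCode": 0}},
    {"userPrincipalName": "alice@example.com", "appDisplayName": "Microsoft Teams",
     "clientAppUsed": "Mobile Apps and Desktop clients", "status": {"errorCode": 0}},
    {"userPrincipalName": "dave@example.com", "appDisplayName": "OfficeHome",
     "clientAppUsed": "Browser", "status": {"errorCode": 0}},
])


def is_legacy(record):
    """True when the sign-in did not come through a modern client type."""
    return record.get("clientAppUsed") not in MODERN_CLIENT_APPS


def legacy_auth_inventory(export_json):
    """Group legacy sign-ins by (application, protocol), busiest first.

    Returns {"<app> via <protocol>": {"sign_ins": n, "users": [...]}}.
    """
    inventory = defaultdict(lambda: {"sign_ins": 0, "users": set()})
    for r in json.loads(export_json):
        if not is_legacy(r):
            continue
        key = (r.get("appDisplayName", "?"), r.get("clientAppUsed", "?"))
        inventory[key]["sign_ins"] += 1
        inventory[key]["users"].add(r.get("userPrincipalName", "?"))
    ordered = sorted(inventory.items(), key=lambda kv: -kv[1]["sign_ins"])
    return {
        f"{app} via {proto}": {"sign_ins": v["sign_ins"], "users": sorted(v["users"])}
        for (app, proto), v in ordered
    }


def legacy_users(export_json):
    """Distinct accounts that still authenticate with a legacy protocol."""
    return sorted({r["userPrincipalName"] for r in json.loads(export_json) if is_legacy(r)})


if __name__ == "__main__":
    for target, detail in legacy_auth_inventory(SAMPLE_SIGNIN_EXPORT).items():
        print(f"{target}: {detail['sign_ins']} sign-in(s) from {', '.join(detail['users'])}")
    print("Accounts to contact:", ", ".join(legacy_users(SAMPLE_SIGNIN_EXPORT)))
```

Service accounts such as the scanner above are the usual surprise in this inventory: they rarely have a human owner watching them, and an SMTP or IMAP integration that nobody remembers will simply stop working once enforcement lands.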

Long-term Enhancements 

  1. Migrate to OAuth 2.0 and OpenID Connect.
  2. Implement Multi-Factor Authentication (MFA) across all accounts.
  3. Deploy granular access controls.
  4. Implement authentication logging and anomaly detection.
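Item 4 is where the password-spray figure quoted earlier becomes actionable: a spray is one source trying a few passwords against many accounts, so the signal in the logs is a single IP accumulating failed sign-ins for many distinct users inside a short window, rather than one user failing repeatedly. The following is an added example, not code from the original post or from any vendor: a sliding-window detector over constructed sign-in events. The record fields, the ten-minute window and the five-user threshold are assumptions chosen for the example and should be tuned against your own sign-in volume.

```python
"""Password-spray detection over failed sign-in events.

Added example (not from the original post). Event shape, window and
threshold are assumptions for illustration; tune them to your tenant.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)   # sliding window kept per source IP
DISTINCT_USER_THRESHOLD = 5      # distinct accounts failing from one IP


def parse_ts(s):
    """Parse an ISO-8601 timestamp with a trailing Z as UTC."""
    return datetime.fromisoformat(s.replace("Z", "+00:00"))


def ev(time, ip, user, success, proto):
    return {"time": time, "ip": ip, "user": user, "success": success, "clientAppUsed": proto}


# Constructed sample events (not real data).
SAMPLE_EVENTS = [
    # Spray: six different accounts from one source over seven minutes, all via IMAP4.
    ev("2025-07-15T08:00:05Z", "203.0.113.7", "u1@example.com", False, "IMAP4"),
    ev("2025-07-15T08:01:10Z", "203.0.113.7", "u2@example.com", False, "IMAP4"),
    ev("2025-07-15T08:02:30Z", "203.0.113.7", "u3@example.com", False, "IMAP4"),
    ev("2025-07-15T08:04:00Z", "203.0.113.7", "u4@example.com", False, "IMAP4"),
    ev("2025-07-15T08:05:45Z", "203.0.113.7", "u5@example.com", False, "IMAP4"),
    ev("2025-07-15T08:07:20Z", "203.0.113.7", "u6@example.com", False, "IMAP4"),
    # Noise: one user mistyping a password three times, then succeeding.
    ev("2025-07-15T08:00:00Z", "198.51.100.20", "alice@example.com", False, "Browser"),
    ev("2025-07-15T08:00:30Z", "198.51.100.20", "alice@example.com", False, "Browser"),
    ev("2025-07-15T08:01:00Z", "198.51.100.20", "alice@example.com", False, "Browser"),
    ev("2025-07-15T08:01:20Z", "198.51.100.20", "alice@example.com", True, "Browser"),
    # Below threshold: three accounts failing from one office IP, spread over an hour.
    ev("2025-07-15T09:00:00Z", "192.0.2.9", "bob@example.com", False, "Browser"),
    ev("2025-07-15T09:30:00Z", "192.0.2.9", "carol@example.com", False, "Browser"),
    ev("2025-07-15T10:00:00Z", "192.0.2.9", "dave@example.com", False, "Browser"),
]


def detect_password_spray(events, window=WINDOW, threshold=DISTINCT_USER_THRESHOLD):
    """Return one alert per source IP whose failed sign-ins cover >= threshold
    distinct users within `window`. Successful sign-ins are ignored."""
    recent = defaultdict(deque)  # ip -> deque of (time, user, protocol) failures in window
    alerts = {}                  # ip -> alert, widened as the burst continues
    for e in sorted(events, key=lambda x: parse_ts(x["time"])):
        if e["success"]:
            continue
        t, ip = parse_ts(e["time"]), e["ip"]
        q = recent[ip]
        q.append((t, e["user"], e["clientAppUsed"]))
        while t - q[0][0] > window:      # drop failures that fell out of the window
            q.popleft()
        users = {u for _, u, _ in q}
        if len(users) >= threshold:
            alert = alerts.setdefault(ip, {
                "ip": ip, "first_seen": q[0][0].isoformat(), "users": set(), "protocols": set()})
            alert["last_seen"] = t.isoformat()
            alert["users"] |= users
            alert["protocols"] |= {p for _, _, p in q}
    return [dict(a, users=sorted(a["users"]), protocols=sorted(a["protocols"]))
            for a in alerts.values()]


if __name__ == "__main__":
    for a in detect_password_spray(SAMPLE_EVENTS):
        print(f"spray from {a['ip']} ({', '.join(a['protocols'])}): "
              f"{len(a['users'])} accounts between {a['first_seen']} and {a['last_seen']}")
```

The protocol field is worth carrying into the alert: once legacy protocols are blocked, a spray attempt via IMAP4 or SMTP fails before any password is evaluated, so these alerts become both rarer and more clearly anomalous.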

This security update substantially reduces the attack surface available to cyber criminals. Organisations should focus on application inventory, user communication, and testing to ensure business continuity while maximising the security benefits.
