Legacy authentication, AKA basic authentication, are requests made by older software tools to verify or validate a specific user accounts.

Microsoft will disable legacy authentications in the near future. Any company that uses legacy protocols, including but not limited to HTTP, FTP, IMAP, SMTP, POP3 or custom applications, is considered insecure, even if behind a firewall.  

As soon as legacy authentication goes out of service, your applications, including custom applications, may no longer operate as expected, potentially exposing your application to data leakage or security concerns, or worse, opening your business up for ransom-ware. If you are not using modern authentication methods, your applications and information could be at risk. 

While most companies believe they have resolved the issue, we have discovered that 98% of the companies are still using legacy authentications somehow.

Here are your options on how to tackle this deprecation:

1. Do nothing - not an answer unless you are ready for some major business disruption. Many legacy apps may stop working.

2. Do it yourself - from what we have observed as the 2020 US Top Microsoft 365 Security Partner, most companies think they have updated all the applications, but in actuality only a few have.

3. Get a security assessment, including a modern authentication readiness assessment. Get findings and recommended next steps from our Consultants.

© 2021 Catapult Systems. All rights reserved.  

Fill out the form and a Security expert will reach out to you shortly.

Ready For an Assessment?

Catapult's Privacy/Cookie Policy

Disable Legacy Authentication Protocols Before It's Too Late

Get a Security Assessment 

List of legacy applications that could be affected:

After retirement, some applications may just stop working. If the authentication is not done properly, your accessibility to them will break and it will leave security vulnerabilities in your environment.

  • Authenticated SMTP
  • Autodiscover
  • COTS or In-House Applications
  • Custom Applications (Web or Client-Server)
  • Exchange ActiveSync (EAS)
  • Exchange Online PowerShell
  • Exchange Web Services
  • IMAP4
  • MAPI over HTTP
  • Offline Address Book (OAB)
  • Outlook Anywhere (RPC over HTTP)
  • Outlook Service
  • POP3
  • Reporting Web Services

FY20 US Top Microsoft 365 Security Partner

2019 MSUS Partner Award Winner
Modern Workplace – 
Security and Compliance

5 Advanced Specializations, 17 Microsoft Competencies
Including Gold in Security

Catapult is Recognized as a World-Class Security & Compliance Services Provider

Catapult is a Microsoft-focused solutions and services firm that specializes in imagining, building and sustaining digital transformation and cloud-based technologies that people love to use. Catapult has consistently been recognized as a leading Microsoft partner for its expertise in digital transformation and cloud-based technologies. Catapult has offices nationwide in Austin, Dallas, Denver, Houston, Phoenix, San Antonio and Tampa as well as sales offices in Chicago, New York City Metro, Atlanta and Raleigh.

Who We Are

Who We Are

Ready For an Assessment?