Microsoft is updating security defaults for all Microsoft 365 tenants to block legacy authentication protocols like RPS and FPRPC, enhancing protection against brute-force and phishing attacks. The rollout will begin in mid-July 2025, requiring admin consent for third-party app access and further strengthening tenant security. #Microsoft365 #SecurityDefaults
Keypoints
- Microsoft will disable legacy authentication protocols to improve security across Microsoft 365 services.
- The changes will require admin approval for third-party app access to protect organizations’ data.
- The rollout begins in July 2025 and is expected to complete by August 2025.
- These updates are part of Microsoft’s broader ‘Secure by Default’ initiative and security enhancement plan.
- Additional security measures include disabling ActiveX controls and restricting certain file types in Outlook.