Ensure modern authentication for SharePoint applications is required.
sharepoint_modern_authentication_required
Ensure that modern authentication is required for SharePoint applications in Microsoft 365, preventing the use of legacy authentication protocols and blocking access to apps that don't use modern authentication.
Risk
If modern authentication is not enforced, SharePoint applications may rely on basic authentication, which lacks strong security measures like MFA and increases the risk of credential theft.
Run this check with Prowler CLI
prowler m365 --checks sharepoint_modern_authentication_required
Remediation
Set-SPOTenant -LegacyAuthProtocolsEnabled $false
1. Navigate to SharePoint admin center https://admin.microsoft.com/sharepoint. 2. Click to expand Policies select Access control. 3. Select Apps that don't use modern authentication. 4. Select the radio button for Block access. 5. Click Save.
Block access for SharePoint applications that don't use modern authentication to ensure secure authentication mechanisms.
Source Code
Resource Type
Sharepoint Settings