After verifying the password with the Exchange server, the Microsoft 365 or Office 365-based architecture uses the device key to encrypt the password, and the encrypted password is then stored in the service. When a user logs onto Exchange with Basic authentication, the username, password, and a unique AES-128 device key are sent from the user's device to the Outlook cloud service over a TLS connection, where the device key is held in runtime compute memory. This key is known as the device key and is stored only on the user's device. The first time the Outlook app for iOS and Android is run in an Exchange on-premises environment, Outlook generates a random AES-128 key. ![]() Creating an account and protecting passwords For more information, please see Using hybrid Modern Authentication with Outlook for iOS and Android. The information contained in this article only pertains to basic authentication. ![]() Outlook for iOS and Android supports hybrid Modern Authentication for on-premises mailboxes which eliminates the need to leverage basic authentication.
0 Comments
Leave a Reply. |