Block legacy authentication on service level - AlexFilipin/ConditionalAccess GitHub Wiki

Next to the conditional access policies you should also block legacy authentication on service level.

• SharePoint Online LegacyAuthProtocolsEnabled tenant setting
• Exchange Online Authentication Policies or the basic authentication protocols settings in the Microsoft 365 admin center. In the Microsoft 365 admin center, in the left nav choose Settings > Org settings. Under the Services tab, choose Modern authentication, and find the settings for "Allow access to basic authentication protocols".