if digest-md5 is removed from the server's configuration), it does not adapt to the new situation unless the client configuration is removed and added again.īottom line: If you or your clients are using Outlook SPA, they should deactivate that checkbox. Outlook stores the algorithm for password encryption only once when the account is configured. The Outlook issue that has been described before, is caused by a problematic behavior of Outlook when the SPA checkbox is checked (secure password authentication). So your only choice is to remove digest-md5 from the server. The problem here is that the Android app always tries digest-md5 and does not include an option where the user can either disable secure password authentication or choose the algorithm he/she wants to use. As the app always tries to use Digest-MD5 first, it causes wrong login attempts, this in turn causes Fail2Ban to trigger an ip block. Digest-MD5 is a legitimate algorithm, it just does not work with the Android apps if Fail2Ban is active.
0 kommentar(er)
