Because the credentials are sent “in the clear” the use of SSL is highly recommended for securing them.
Also, because Basic Authentication credentials can be cached in web browsers it is recommended to use an additional authentication factor (eg a one-time password from a token) to prevent unauthorized access from public kiosk computers using the cached credentials.
Digest Authentication – this method solves the problem with Basic Authentication where credentials are sent “in the clear” by sending a hashed password instead.
Using the Exchange Management Console navigate to Server Configuration -Paul is a Microsoft MVP for Office Servers and Services.
He works as a consultant, writer, and trainer specializing in Office 365 and Exchange Server.
However Integrated Authentication is not suitable for remote access by people using non-domain member computers, or people who are connecting via proxy servers.
Basic Authentication – this uses the HTTP protocol to send the logon credentials to the server.
Outlook Web App (OWA) is the webmail interface for Exchange Server 2010.
Most of you will already be familiar with the acronym OWA from previous versions of Exchange Server where webmail was named Outlook Web To connect to Outlook Web App users must authenticate first.
Its job was to log each person into the service and keep them logged in through thick and thin.
When Outlook occasionally became confused and displayed the above password prompt, no password would satisfy it.
However Digest Authentication does have some other configuration requirements, such as the use of reversible encryption for password storage in Active Directory.