<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
RC4_HMAC_MD5 Encryption for ADSSO and Microsoft Office 365 Silent Activation
Oct 28, 2025
Okta Classic Engine
Okta Identity Engine
Directories
Overview

As of October 5, 2023, Okta no longer supports RC4_HMAC_MD5 encryption for Agentless Desktop Single Sign-On (ADSSO) and Silent Activation for Microsoft Office 365. Any users in orgs still using RC4_HMAC_MD5 encryption will have their authentication blocked in ADSSO and Office 365 Silent Activation flows.

Applies To
  • Agentless Desktop Single Sign-On (ADSSO) 
  • Microsoft Office 365 (O365) Silent Activation
Solution

If using ADSSO and Office 365 Silent Activation, update the encryption method from RC4_HMAC_MD5 to one of the alternate, supported encryption methods. Okta recommends using AES 128-bit (AES-128) or AES 256-bit (AES-256) encryption.

To make this change, use a local security policy to change the encryption settings of a single computer or server. Alternatively, implement a group policy to apply the encryption settings to multiple servers or computers in the domain, including domain controllers.

For a detailed guide, please review the article Configuration Steps to Update to AES Due to End-of-Life RC4_HMAC_MD5 Encryption for ADSSO and Silent Activation.

Recommended content

Still looking for help?
Loading
RC4_HMAC_MD5 Encryption for ADSSO and Microsoft Office 365 Silent Activation