Hi @Indrani Gajjarapu ,
Compared to other authentication methods, basic authentication only requires an account and password. At present, it seems that its security and anti-attack is unreliable. I believe Microsoft's decision to deprecate this feature is also with these in mind.
Currently the IIS documentation has not updated the instructions for this section, so this means that the IIS team is still considering or a decision has been made but no updated documentation. I think you can be patient and wait for the documentation to be updated.
Regarding your second question, I don't think this affects apps with multiple authentication enabled. The site in IIS chooses the correct authentication based on the client. Even if basic authentication cannot be used, other available authentications will be selected.
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Best regards,
Bruce Zhang