Clients maintain a list of preferred SASL mechanisms, generally ordered by - perceived strength to enable strong authentication (RFC 6120 §6.3.3 + perceived strength to enable strong authentication (&rfc6120; §6.3.3 Mechanism Preferences). To prevent downgrade attacks by a malicious actor that has successfully man in the middled a connection, or compromised a trusted server's