Did you know that as of October 1, 2022, Microsoft is deprecating Basic authentication in Exchange Online? Check out the full announcement from Microsoft. In simple terms, this means that Microsoft will remove the ability to use Basic authentication in Exchange Online for Exchange ActiveSync, POP, IMAP, Remote PowerShell, Exchange Web Services, Offline Address Book, Outlook for Windows, and Mac.
You’re probably thinking … does this apply to me? Should I be worried about it? Or maybe you’re tech savvy and are wondering what you can do about it. Either way, we can help.
Let’s Start with the Basics
First off, let’s define basic (or legacy) authentication. Essentially it means the application sends a username and password with every request, and those credentials are often stored or saved on the device. Traditionally, basic authentication is enabled by default and quite easy to set-up.
What is Modern Authentication
Modern authentication is what Microsoft if moving towards. It’s an umbrella term for a combination of authentication and authorization methods between a client (your laptop or phone) and a server, as well as some security measures that rely on access policies that you may already be familiar with. It includes MFA, OAuth, and Conditional Access.
What affects does this change have?
When Microsoft deprecates basic authentication in Exchange Online, it is expected that several older and 3rd party email applications will no longer work with Microsoft email. To prepare your organization, there are several actions that you and your users can take to avoid service disruptions on client applications. Here are a few to get you started:
- Begin by updating the client applications your users are using to versions that support OAuth 2.0.
- If you have written your own code using protocols with Basic Authentication, you will need to update your code to use OAuth 2.0.
- RPS | Connect to Exchange Online PowerSheel without Basic Authentication or use Exchange Online PowerShell V2 Module, which supports modern authentication.
- Exchange ActiveSync | If your organization is still using Exchange ActiveSync, you can use Outlook Mobile clients to connect with Exchange Online.
- IMAP/POP | Use Microsoft Planning to add OAuth support to both IMAP and POP. If you want to keep using these protocols, you will need to update the app to one that supports Modern Auth.
Check out these references for more information on the change: