Deprecation of Exchange Online Basic Authentication

Microsoft will be turning off Basic Authentication for Microsoft 365 Exchange Online for all tenants starting from October 1st 2022. Microsoft previously confirmed this change in September 2021, in response to more sophisticated cyber criminal activity targeting less secure protocols such as Basic Authentication. Modern Authentication, using the more secure OAuth 2.0 token based authentication protocol, has been available for some time and is the preferred authentication method for all Microsoft 365 services.

What does this mean for you? If you are still using Basic Authentication for any devices or applications to connect to Microsoft 365 Exchange services, then these will stop working from the 1st October onwards. You are advised to identify whether you do have any devices or applications that still use Basic Authentication, and upgrade or replace these before October 1st. To help you with this identification, Microsoft are providing usage reporting in the Microsoft 365 Message Centre.

Basic Authentication for Exchange Online may still be in use if you are using any of the following devices or applications:

  • Some third-party email applications on Windows, Mac or mobile devices (Android and iOS)
  • Older versions of Outlook for Windows or Mac
  • Older mobile devices that do not support Outlook for Android or iOS
  • Older multi-function printers and photocopiers
  • Any application or device configured to use POP or IMAP for mailbox access.

If you think this may affect you and need assistance with it, don’t hesitate to contact us.