To improve email security, starting October 1, 2022, Microsoft will begin to permanently disable Basic Authentication in all tenants, including Exchange Online.
Since announced in 2019, many customers and partners have already started to move their contacts and apps to Modern Authentication. On October 1st, Microsoft will randomly select tenants, send 7-day warning messages, and turn off Basic Auth in those customers and partners' tenants. Microsoft’s goal is to complete this by the end of 2022.
Once this change is made, users in your tenant will be unable to access their Exchange Online mailbox using Basic Authentication. They will need to move to Modern Authentication which is a safer and more long-term solution.
Specifically, Microsoft is turning off Basic Auth for the following protocols: MAPI, RPC, Offline Address Book (OAB), Exchange Web Services (EWS), POP, IMAP, Exchange ActiveSync (EAS), and Remote PowerShell.
Why is the Move from Basic Auth Necessary?
Basic Auth is one of the most common culprits for Microsoft Customers to be susceptible to security attacks and get compromised. In order to decrease your business and tenants risk, start to move your data over to another safe location, or wait for Microsoft It to do it for you come October.
How can I prepare for this change?
If you have Outlook, make sure it is up to date, has registry keys in place, and the tenant-wide enable switch is on. Without that setting on, Outlook won't use Modern Auth. If a user is logged into any kind of Microsoft 365 app, for example, Teams, they are already authenticated and won’t be notified.
If a user is worried about security while they upgrade or reconfigure client apps, you can switch to using Outlook on the web in the meantime as it is more current and secure.
Microsoft will not be turning off SMTP AUTH if it is enabled and in use in your tenant. They do recommend disabling it at the tenant level and only enabling it for user accounts that still use and need it.
How do you know if you are still using Basic Auth? Can learn more and check your status here.
To disable Basic Auth, use Auth Policies. Microsoft will disable Autodiscover down the road once everyone has moved to Modern Auth. If you need help or have any questions regarding disabling your Basic Auth tenant, JourneyTEAM Cloud and security experts are here to help you. Contact us to set up a time to connect.