Office 365 Basic Authentication Deprecation

Jason-Meilleur-Headshot-Square
Written by: Jason Meilleur
Published: September 26, 2022

Microsoft has announced that Office 365 Basic Authentication will be disabled beginning October 1, 2022.

Affected Services: 

  • Exchange Online for Exchange ActiveSync (EAS)
  • POP, IMAP, and SMTP Auth
  • Remote PowerShell
  • Exchange Web Services (EWS)
  • Offline Address Book (OAB)
  • Outlook for Windows, and Mac

Why is Basic Authentication being deprecated?

  • Basic authentication is an outdated industry standard
  • Basic authentication is easier for attackers to capture user credentials
  • Enforcement of Multi-Factor Authentication (MFA) is not possible with Basic Authentication

What do I need to do?

How do I know if I’ll be impacted?

As Basic Authentication will be deprecated on October 1, 2022 this year, all the users who are using Basic Authentication need to be upgraded to Modern Authentication because they will run into issues accessing their account/Office apps.

You can check the Azure Sign-in logs to view which users/devices are still using Basic Authentication using the procedure below:

  1. Go to portal.azure.com
  2. Go to Azure Active Directory > Users > Sign-in logs
  3. Click on Add filters.
  4. Select Client app
  5. Click on “Client app: None Selected”
  6. Select all the apps under Legacy Authentication Clients.
  7. Apply the filter for last 1 month.
  8. Click on Download > Download CSV

You will have all the users listed who are currently using Basic Authentication. These users need to be upgraded to Modern Authentication.

How 360 Visibility can help you:

If you require assistance reviewing your environments and affected services, or have additional questions regarding Office 365 Basic Authentication deprecation and how it impacts your organization – Click here to learn about our Microsoft 365 Support Services.

Related Posts