Skip to main content

Deprecation of Basic authentication in Microsoft Exchange Online

This article explains what Microsoft are changing and that this decision requires customers to move from apps that use Basic authentication to apps that use Modern authentication.

Written by Terence Cassidy
Updated over a month ago

What Microsoft are changing

  • Microsoft are removing the ability to use Basic authentication in Exchange Online for Exchange ActiveSync (EAS), POP, IMAP, Remote PowerShell, Exchange Web Services (EWS), Offline Address Book (OAB), Outlook for Windows, and Mac.

  • Microsoft are also disabling SMTP AUTH in all tenants in which it's not being used.

  • This decision requires customers to move from apps that use basic authentication to apps that use Modern authentication.

What is Modern authentication?

Modern authentication (OAuth 2.0 token-based authorization) has many benefits and improvements that help mitigate the issues in basic authentication.
For example, OAuth access tokens have a limited usable lifetime, and are specific to the applications and resources for which they are issued, so they cannot be reused.
Enabling and enforcing multi-factor authentication (MFA) is also simple with Modern authentication.
​

In September 2022, Microsoft announced there will be one final opportunity to postpone this change. Tenants will be allowed to re-enable a protocol once between October 1, 2022, and December 31, 2022. Any protocol exceptions or re-enabled protocols will be turned off early in January 2023, with no possibility of further use. See the full announcement at Basic Authentication Deprecation in Exchange Online – September 2022 Update

What this means: Sending Emails from RDB

Access RDB sends email via SMTP using Basic Auth
​
Microsoft confirmed on September 7 on this post: Basic Authentication Deprecation in Exchange Online – September 2022 Update - Microsoft Tech Community that they will not be disabling or changing any settings for SMTP AUTH.

SMTP AUTH will still be available when Basic authentication is permanently disabled on October 1, 2022. The reason SMTP will still be available is that many multi-function devices such as printers and scanners can't be updated to use modern authentication.
​

However, we actively encourage customers to move away from using Basic authentication with SMTP AUTH when possible. Other options for sending authenticated mail include using alternative protocols, such as the Microsoft Graph API.
​
This means that on the 1 October if you are set up with SMTP using Basic Auth you will continue to work as normal.

πŸ“Œ Note: Microsoft have said that any new Tenant set up post 1 October will not have the ability to set up SMTP Auth.

Next Steps

Access are already working on a version of RDB that is Modern Auth compliant. This is on the priority roadmap and more details are to be shared moving forward. We expect a solution to be ready by the end of the year. (This is now available to use)
​
If you have not done so, and need to enable Basic SMTP Auth your Office 365 Tenant Admin can do this a few ways. Example below :

  1. Log into the portal.office.com with admin credentials.

  2. Click the Admin tab and select Users.

  3. Click Active users and then click on a user.

  4. Click on Main and select manage email apps.

  5. Select Authenticated SMTP (This is the Basic SMTP AUTH) and click SAVE.

What this means: RDB Sync

Access RDB Sync connects to the local copy of Outlook so we have no expectation of loss of function.
​
Please note Microsoft do state that Outlook 2013 onwards will need to use Modern Authentication. Details can be found in this post.

Related Articles
RDB eMail using Modern Authentication - Office 365 configuration
Sending eMails using Modern Authentication
Did this answer your question?