
close
close
Upcoming FREE Conference on Identity Management and Privileged Access Management
MC286990 – Microsoft is making some changes to improve the security of your tenant. Microsoft announced in 2019 they would be retiring Basic Authentication for legacy protocols, and in early 2021 they announced that they would begin to retire Basic Authentication for protocols not being used in tenants, but not disable Basic Authentication for any in-use protocols until further notice.
Today, Microsoft is announcing that they are restarting the program to end the use of Basic Auth in Exchange Online. Beginning October 1, 2022, Microsoft will begin to disable Basic Auth in all tenants, regardless of usage.
Microsoft previously communicated this change via several Message Center posts: MC191153 (Sept. ‘19), MC204828 (Feb. ‘20), MC208814 (April ‘20) and MC237741 (Feb. ‘21) and you can always read the latest information about our plans to turn off Basic Authentication here.
Beginning early 2022, as Microsoft rolls out the changes necessary to support this effort, they are also going to begin disabling Basic Auth for some customers on a short-term and temporary basis.
Microsoft will randomly select tenants and disable Basic Auth for all protocols for a period of 12-48 hours. After this time, these protocols will be re-enabled, if the tenant admin has not already re-enabled them using their self-service tools.
During this time all clients and apps that use Basic Auth in that tenant will be affected, and they will be unable to connect. Any client or app using Modern Auth will not be affected. Users can use alternate clients (for example, Outlook on the Web instead of an older Outlook client that does not support Modern Auth) while they upgrade or reconfigure their client apps.
How this will affect your organization:
If you receive a Message Center post between now and October 2022, informing you that Microsoft is going to disable Basic Auth for a protocol due to non-usage, or you get one saying they know you are using Basic Auth, but they intend to proactively disable it for a short period of time, and you don’t want us to disable specific protocols, you can use the new self-service feature in the Microsoft 365 admin center to opt-out and request that they leave specific protocols enabled until October 2022. Microsoft added this feature to help minimize disruptions as you transition away from using Basic Auth.
Microsoft will disable Basic Authentication beginning October 2022, and once that happens, users in your tenant will be unable to access their Exchange Online mailbox using Basic Authentication.
Read more here.
More in Microsoft 365 Changelog
M365 Changelog: Power Apps – Update regarding Monitor for model-driven apps
Mar 20, 2023 | Rabia Noureen
M365 Changelog: (Updated) Wiki retirement and the future of note taking in Teams Channels
Mar 17, 2023 | Rabia Noureen
M365 Changelog: (Updated) Microsoft Edge to replace built-in PDF engine with Adobe Acrobat PDF engine
Mar 17, 2023 | Rabia Noureen
M365 Changelog: Data export features available within the Viva Engage Admin Center
Mar 17, 2023 | Rabia Noureen
M365 Changelog: Additional details on the evolution of Yammer to Viva Engage
Mar 17, 2023 | Rabia Noureen
Most popular on petri