Upcoming Webinar
Understand How Your Peers Approach AD Forest Recovery
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
Unlocking the Secrets of App Security!
In this episode of UnplugIT, Stephen Rose talks to IT expert and technology engineer Sean Hurley about how to secure apps in the cloud.
Essential Eight + Microsoft 365 Backup Compliance
This download allows you to demonstrate exactly how the technology you use keeps customers covered and compliant.
UK Ransomware Guidelines + M365 Backup Compliance
This download allows you to demonstrate exactly how the technology you use keeps customers covered and compliant.

M365 Changelog: Basic Authentication retirement in Microsoft 365 Apps

MC649046 – Microsoft 365 Apps are disabling server sign-in prompts using Basic authentication in Office Apps. Microsoft is making this change because basic authentication is a legacy authentication method that sends a username and password with each request. As a result, an attacker can access these credentials and use them to access resources. Continued use of Basic Authentication is a big security concern, so Microsoft has decided to deprecate it from all tenants.

Microsoft will retire this feature in Office Apps version 2307+. Instead, Microsoft recommends moving to a more secure authentication method, preferably Modern Authentication, and enabling multi-factor authentication based on OAuth2.0 token-based auth.

This retirement will not affect Exchange Online and Exchange on-premises. Customers using basic authentication to connect to Exchange on-premises/Exchange Online can continue to use basic authentication without any changes to Exchange.

There is a separate effort to retire Outlook connecting to Exchange Online using Basic Authentication. Please see Exchange Online – September 2022 Update.

Windows files share access is not affected. The underlying authentication layer for file share is NTLM, and there is not change to NTLM. More information is here – Microsoft SMB Protocol Authentication – Win32 apps | Microsoft Learn.

Access to files stored on SharePoint on-premises server that are using basic authentication will be blocked. However, files stored on SharePoint Online, OneDrive for Business are not affected. Customers who currently store files on web servers that use Basic authentication can move those files to SharePoint Online, OneDrive for Business, or SharePoint Server on-premises as a solution.

Note: This change is only impactful for organizations with on premises servers. If you do not have on premises servers, you can safely disregard this message.

When this will happen:

Microsoft will begin rolling this change to Current Channel in August 2023.

For additional channel timing please review: Basic authentication sign-in prompts are blocked by default in Microsoft 365 Apps

How this will affect your organization:

Once Basic authentication is disabled in your tenant, users with the Office Version 2307 or higher on their devices will not be able to access resources from servers using Basic authentication.

After the upgrade, end-users will get a Blocking message. If a user tries to open a file stored on a server still using Basic Authentication, Office Client App will block the sign-in prompt and present this pop-up message to the user.

View image in new tab

Note: Exchange Online team is working on retiring Basic Authentication separately, Outlook will continue to support Basic Authentication with Exchange Online till that work is complete. Access to all other resources using Basic Authentication will be blocked in Outlook Version 2209 and higher. Deprecation of Basic authentication in Exchange Online

This is a sample Basic Authentication login window:

View image in new tab

Additional information