MC454810 – Updated March 3, 2023: Microsoft has updated rollout timeline below. Thank you for your patience.
Microsoft 365 Apps are disabling server sign-in prompts using Basic authentication in Office Apps. Microsoft is making this change because basic authentication is a legacy authentication method that sends a username and password with each request. As a result, an attacker can access these credentials and use them to access resources. Continued use of Basic Authentication is a big security concern, so Microsoft has decided to deprecate it from all tenants.
Microsoft will retire this feature in Office Apps version 2209+. Instead, it recommends moving to a more secure authentication method, preferably Modern Authentication, and enabling multi-factor authentication based on OAuth2.0 token-based auth.
Note: This change is only impactful for organizations with on premises servers. If you do not have on premises servers, you can safely disregard this message.
When this will happen:
Microsoft will be rolling this change beginning early January 2023 and expect to complete by late April (previously February).
How this will affect your organization:
You are receiving this message because our reporting indicates one or more users in your organization are using basic authentication to access resources.
Once Basic authentication is disabled in your tenant, users with the Office Version 2209 or higher on their devices will not be able to access resources from servers using Basic authentication.
After the upgrade, end-users will get a warning message first, this message will show for 30 days and encourage users to move away from basic authentication.
After 30 days, if a user tries to open a file stored on a server still using Basic Authentication, Office Client App will block the sign-in prompt and present this pop-up message to the user.
Note: Exchange Online team is working on deprecating Basic Authentication separately, Outlook will continue to support Basic Authentication with Exchange Online till that work is complete. Access to all other resources using Basic Authentication will be blocked in Outlook Version 2209 and higher. Deprecation of Basic authentication in Exchange Online
This is a sample Basic Authentication login window:
What you need to do to prepare:
You should move the servers using Basic authentication to another authentication method.
Please click Additional Information to learn more.