14 DAY TRIAL // We’ve known for a while that Microsoft was planning to kill off Basic authentication in Microsoft Exchange Online, but now that the deadline is just around the corner, the software giant is offering one final warning to customers who might be caught unguarded.
In a new tech support document, Microsoft is explaining that Basic auth would be retired in early January 2023, with the company pointing to the security risks that are related to this method as the main reason.
Needless to say, once Basic auth is being disabled, there’s no way to enable it once again, with Microsoft even saying loud and clear that “calling support will not help.” Nobody can re-enable Basic auth, so switching to Modern authentication is pretty much the only option.
“In early January 2023, we will permanently turn off Basic auth for multiple protocols for many Exchange Online tenants. We want to thank you once again for all the hard work you’ve done to prepare your tenant and users for this change, and for your part in helping secure our service and your data,” the Exchange Team said in a recent post.
Microsoft says that customers should start seeing a notification in the Message Center approximately one week before Basic auth is retired for good.
“Beginning in early January, we will send Message Center posts to affected tenants about 7 days before we make the configuration change to permanently disable Basic auth use for protocols in scope (we are still not touching SMTP, but you should). Soon after basic auth is permanently disabled, any clients or apps connecting using Basic auth to one of the affected protocols will receive a bad username/password/HTTP 401 error. The only remediation for this is to update the client or app or use a different client or app that supports Modern authentication,” the company explains.