Deprecation of Microsoft 365 Basic authentication

10.08.22

Applications have used basic authentication for years, however as a step towards better cybersecurity and Modern authentication, Microsoft are removing the ability to use Basic authentication in the next few months.  

Why is the ability to use Basic authentication being removed?

Basic authentication is the traditional (simplistic) means of authentication, whereby an application sends a username and password with each request and those credentials are usually stored or saved on the device.  

Whilst this method is simple to set up and has served us well for years, it’s considered to be outdated. Security threats have only increased over time by the use of Basic authentication; it makes it easier for attackers to break into systems by capturing user credentials.   

By disabling Basic authentication, Microsoft is improving the data security associated with their cloud email platform. 

When will it be removed?

Microsoft have already started making this change, new Microsoft 365 tenants are created with Basic authentication already turned off, and from early 2021, they started to disable Basic authentication for existing tenants with no reported usage following a Message Centre notification.  

However, from October 1 2022, Microsoft will begin removing the ability to use Basic authentication completely for Outlook and email services related to Exchange Online. 

How do I know if I’m currently using Basic authentication?

A simple way to tell if you are using Basic authentication is the log in dialogue: 

Basic authentication presents like this: 

Whilst Modern authentication appears like this: 

What should I do?

In order to ensure you can continue accessing email after this date, it is important to make sure you are running an email client that supports Modern authentication. For example, Outlook 2013 or later on PC and 2016 or later on Mac, also look to move away from using the “inbuilt” mail app on mobile devices to the Microsoft Outlook mobile app for iOS or Android, downloaded from the respective app store. 

Doing so will furthermore protect access to emails from company owned or BYOD devices. This means that there will be less chance of non-authorized access of email mailboxes, and also less attack surface for viruses and malware. Combining this strategy with multifactor authentication (MFA) can form a very strong protection from unauthorized access. 

Our friendly team are always happy to help, get in touch via email hello@geeks.co.uk or call us on 0117 325 0370 to discuss this further and see how we can help you to make a smooth transition away from Basic authentication and on to Modern authentication.