Enable Modern authentication for Office 2013 on Windows devices

Microsoft Office 2013 on Microsoft Windows computers supports Modern authentication. But, to turn it on, you need to configure the following registry keys:

Registry key	Type	Value
HKEY_CURRENT_USER\Software\Microsoft\Exchange\AlwaysUseMSOAuthForAutoDiscover	REG_DWORD	1
HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\Identity\EnableADAL	REG_DWORD	1
HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\Identity\Version	REG_DWORD	1

Note

Modern authentication is already enabled in Office 2016 or later. You don't need to set these registry keys for later versions of Office.

Important

Basic authentication is turned off for Exchange Online mailboxes on Microsoft 365. This means that if Outlook 2013 is not configured to use modern authentication, it loses the ability to connect. For more information, see Basic authentication in exchange online.

Software requirements

To enable MFA for Office 2013 client apps, you must have the following software installed (the version listed below, or a later version) based on whether you have a Click-to-run based installation or an MSI-based installation.

To determine whether your Office installation is Click-to-run or MSI-based:

1. Start Outlook 2013.

2. From the File menu, select Office Account.

3. For Outlook 2013 Click-to-Run installations, an Update Options item displays. For MSI-based installations, an Update Options item does not display.

   

Click-to-run installations

For Click-to-run installations, you must have the following files installed. If your file version is not equal to or greater than the file version listed, follow these steps below to update it.

File name	Install path on your computer	File version
MSO.DLL	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\MSO.DLL	15.0.4753.1001
CSI.DLLL	CSI.DLL C:\Program Files\Microsoft Office 15\root\office15\csi.dll	15.0.4753.1000
Groove.EXE*	C:\Program Files\Microsoft Office 15\root\office15\GROOVE.exe	15.0.4763.1000
Outlook.exe	C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.exe	15.0.4753.1002
ADAL.DLL	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\ADAL.DLL	1.0.2016.624
Iexplore.exe	C:\Program Files\Internet Explorer	Varies

* If Groove.EXE isn't part of your Office installation, it doesn't need to be installed for the Azure Active Directory Authentication Library (ADAL) to work. However, if Groove.EXE is present, then the file version listed in the table is required.

MSI-based installations

For MSI-based installations, you must have the following files installed. If your file version is not equal to or greater than the file version listed, use the link in the Where to get the update column to update it.

File name	Install path on your computer	Where to get the update	Version
MSO.DLL	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\MSO.DLL	KB3085480	15.0.4753.1001
CSI.DLLL	CSI.DLL C:\Program Files\Microsoft Office 15\root\office15\csi.dll	KB3172545	15.0.4753.1000
Groove.EXE*	C:\Program Files\Microsoft Office 15\root\office15\GROOVE.exe	KB4022226	15.0.4763.1000
Outlook.exe	C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.exe	KB4484096	15.0.4753.1002
ADAL.DLL	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\ADAL.DLL	KB3085565	1.0.2016.624
Iexplore.exe	C:\Program Files\Internet Explorer	MS14-052	Not applicable

* If Groove.EXE isn't part of your Office installation, it doesn't need to be installed for the Azure Active Directory Authentication Library (ADAL) to work. However, if Groove.EXE is present, then the file version listed in the table is required.

Enable modern authentication for Office 2013 clients

1. Close Outlook.

2. Copy and paste the following text into Notepad:

   Windows Registry Editor Version 5.00
   
   [HKEY_CURRENT_USER\Software\Microsoft\Exchange]
   "AlwaysUseMSOAuthForAutoDiscover"=dword:00000001
   
   [HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common]
   
   [HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\Identity]
   "EnableADAL"=dword:00000001
   "Version"=dword:00000001
   

3. Save the file with the file extension .reg instead of .txt in a location that's easy for you to find. For example, C:\Data\Office2013_Enable_ModernAuth.reg.

4. Open File Explorer (formerly known as Windows Explorer), browse to the location of the .reg file you just saved, and then double-click it.

5. In the User account control dialog that appears, click Yes to allow the app to make changes to your device.

6. In the Registry Editor warning dialog that appears, click Yes to accept the changes.

Once you've set the registry keys, you can set Office 2013 apps to use multifactor authentication (MFA) with Microsoft 365. For more information, see Set up multifactor authentication.

If you're currently signed in to any of Office client apps, you need to sign out and sign back in for the change to take effect. Otherwise, the MRU and roaming settings will be unavailable until the identity is established.

Disable modern authentication on devices

The procedure to disable modern authentication on a device is very similar, but fewer registry keys are required, and you need to set their values to 0.

Registry key	Type	Value
HKEY_CURRENT_USER\Software\Microsoft\Exchange\AlwaysUseMSOAuthForAutoDiscover	REG_DWORD	0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Common\Identity\EnableADAL	REG_DWORD	0

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Exchange]
"AlwaysUseMSOAuthForAutoDiscover"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common]

[HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\Identity]
"EnableADAL"=dword:00000000

Related content

Sign in to Office 2013 with a second verification method

Outlook prompts for password and doesn't use Modern Authentication to connect to Office 365