Deprecation of Basic Authentication (Basic Auth) in Exchange Online
Please go here to search for your product's lifecycle.
Beginning October 1, 2022, Exchange Online Basic Auth will begin to be permanently disabled in all tenants.
Basic Authentication is being disabled for Outlook, Exchange Web Services (EWS), Remote PowerShell (RPS), POP, IMAP, and Exchange ActiveSync (EAS) protocols in Exchange Online to improve customer security. Customers must update end user client applications or line of business apps to Modern Auth before October 2022, to allow them to continue to function properly. Disablement notifications will be provided in the Microsoft 365 Message Center.
Basic Authentication will continue to be disabled for newly created tenants by default and in tenants with no recorded usage.
Customers should identify Basic Authentication usage in their tenant and if necessary upgrade client software, reconfigure apps, update scripts, or reach out to third-party app developers to get updated code or apps.
Check the Message Center
It's recommended that the customers first investigate the impact on their tenant and users. Look out for Message Center posts that will summarize usage reports. Note that only tenants using Basic Auth will receive a report.
Check the Azure Active Directory Sign-in report
Use the Azure AD Sign-In report to view Basic Auth usage. To learn more, see: New tools to block legacy authentication in your organization - Microsoft Tech Community.
Customers with an Azure AD premium license can use the following methods to export and analyze usage logs:
Azure Event Hubs, Azure Storage, or Azure Monitor (best methods): These options can handle large data loads from customers with hundreds of thousands of users. For more information, see Stream Azure Active Directory logs to Azure Monitor logs.
Graph APIs: MS Graph paging logic is recommended to pull in all logs. For more information, see Access Azure AD logs with the Microsoft Graph API.
Direct download from web browser: Note that for large customers, this option may cause browser timeouts.
For more information contact the customer account team or Microsoft Support.
Resources
- Deprecation of Basic authentication in Exchange Online | Microsoft Docs
- Basic Authentication Deprecation in Exchange Online -- May 2022 Update - Microsoft Tech Community
- Microsoft and Apple Working Together to Improve Exchange Online Security - Microsoft Tech Community
- Action Recommended: Switch to Modern Authentication in Exchange Online Before Basic Authentication Deprecation (cisa.gov)