Is IMAP + Basic Auth being removed regardless of 2021 extension?

Raúl Aurelio Pinedo 1 Reputation point
2020-12-01T18:37:06.7+00:00

Hello,

Some Customers started to report (like 2 weeks ago), some email issues that seem to go away magically after switching from POP3\IMAP to OAuth 2.0.

I believe is related to this:
https://learn.microsoft.com/en-us/lifecycle/announcements/exchange-online-basic-auth-deprecated

I thought this was on Hold until 2021, but after re-reading that article (updated two weeks ago), it seems some changes are being pushed since October 2020....

"As part of security defaults, we currently disable Basic Authentication by default for new customers."
"In October 2020, we'll start to disable Basic Authentication for existing customers who have no recorded usage of Basic Authentication."

These two sentences make me believe some customers could be loosing access to basic authentication as of right now....
(This could explain why their Email Service Desk tool suddenly started to go haywire and going to OAuth fixes everything).

Right?

Microsoft Exchange Online Management
Microsoft Exchange Online Management
Microsoft Exchange Online: A Microsoft email and calendaring hosted service.Management: The act or process of organizing, handling, directing or controlling something.
4,151 questions
Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,326 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Lucas Liu-MSFT 6,161 Reputation points
    2020-12-02T02:51:25.537+00:00

    Hi @Raúl Aurelio Pinedo ,

    1. IMAP will not be removed in 2021. According to Microsoft’s official statement, OAuth 2.0 support for the IMAP protocol is already supported in Exchange Online.
      For more information you could refer to: Announcing OAuth 2.0 support for IMAP and SMTP AUTH protocols in Exchange Online and Authenticate an IMAP, POP or SMTP connection using OAuth
    2. According to the article provide by Microsoft, the end date for Basic Authentication on Exchange Online previously was Oct. 13, 2020, but Microsoft is now pushing it out due to uncertainties surrounding the "COVID-19 crisis." However, starting from October 2020, basic authentication for new users will be disabled by default, and basic authentication will be disabled for existing users who do not have basic authentication usage. If the users in your organization meet the above conditions, then your understanding is correct, and some users may be prohibited from using basic authentication.
      When you disable Basic authentication for users in Exchange Online, their email clients and apps must support modern authentication. Those clients are:
      Outlook 2013 or later .
      Outlook 2016 for Mac or later
      Outlook for iOS and Android
      Mail for iOS 11.3.1 or later
      For more information you could refer to : Disable Basic authentication in Exchange Online
    3. In addition, Microsoft has stated that it will prohibit the use of basic authentication in the second half of 2021. Blocking Basic authentication can help protect your Exchange Online organization from brute force or password spray attacks. If possible, it is recommended that you enable modern authentication as soon as possible to replace basic authentication

    ----------

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

  2. Lucas Liu-MSFT 6,161 Reputation points
    2020-12-04T08:29:12.123+00:00

    Hi @Raúl Aurelio Pinedo ,
    According to the blog provide by Microsoft, we could know the following two points:

    1. -->Microsoft will continue to disable Basic Authentication for newly created tenants by default.
      It means that all users created in this new tenant will be disable the Basic Authentication.
    2. -->Starting in October 2020 Microsoft will also start to disable Basic Authentication in tenants that have no recorded usage. This means that applications that are using Basic Authentication to connect to Exchange Online might face authentication failures when adopted by a customer who is new to Exchange Online or has not used Basic Authentication applications before.
      When you assign the user account a license for Exchange Online, a mailbox is automatically created for the user. So "new users" refers to users who are assigned Exchange online licenses and automatically create mailboxes after the specified time, or never used Basic Authentication applications before.
      This blog can better help you understand: Deferred end of support date for Basic Authentication in Exchange Online

    ----------

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.