When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Microsoft gives final warning about Basic Auth deprecation in Exchange Online

For the past couple of years, Microsoft has been warning customers that it is deprecating Basic Authentication in Exchange Online in favor of Modern Auth (OAuth 2.0). These warnings have come in waves as Microsoft has proceeded to disable the method in a staggered manner. Now, it appears that the company has issued its final public notification about the matter, with the holiday period kicking off next week in many countries.

A logo for Microsoft Exchange with a laptop and a grim reaper icon

In a new blog post, the Redmond tech giant has advised companies to prepare for Basic Auth being turned off for most protocols in January 2023. The protocols affected by this deprecation are MAPI, RPC, Offline Address Book (OAB), Exchange Web Services (EWS), POP, IMAP, Exchange ActiveSync (EAS), and Remote PowerShell. It is important to note that the protocol will not be disabled for SMTP AUTH, but Microsoft has recommended disabling it by yourself.

Organizations will still be informed seven days prior to the protocol being disabled for them. Once it is turned off, affected apps will begin throwing an HTTP error 401 for bad username/password. The only way for them to work after that will be to switch to Modern Auth.

Microsoft has noted that it will be impossible to turn on Basic Auth after it's been disabled in January. You can find extensive guidance on this topic here.

Report a problem with article
A graphic showing Microsoft acquiring Activision Blizzard
Next Article

Group of gamers sue Microsoft over $69 billion Activision Blizzard acquisition

A Windows Server 2022 graphic
Previous Article

Microsoft fixes Hyper-V network adapter issues on Windows Server with Out-of-Band update