Shortly after the permanent disabling of basic authentication, any clients or applications that connect via basic authentication to any of the affected protocols will receive a username/password/HTTP 401 error message.įrom this point on the login of clients via Basic Authentification is history.Beginning in early January, Microsoft will send messages to affected tenants approximately 7 days prior to the configuration change that permanently disables the use of Basic Authentication for the affected protocols (SMTP will remain untouched).In early January 2023, Basic Authentication for multiple protocols will be permanently deprecated by Microsoft for many Exchange Online clients. New shutdown reminderĪs of December 20, 2022, Microsoft has published the Techcommunity post Basic Authentication Deprecation in Exchange Online – Time's Up, again noting the Basic Auth shutdown. Microsoft anticipated that this shutdown would be complete for all Tenants by the end of 2022. They were then to receive a 7-day warning in the Message Center (and post notices in the Service Health Dashboard) that Basic Auth in the tenant would be turned off after the deadline.
Since October 2022, tenants using Basic Auth should be randomly selected and notified with an alert. Microsoft justifies this step with the fact that Basic Auth is still one of the most frequently used methods by which Exchange Online users are compromised. The cut-off date for this deactivation to begin was October 1, 2022, which Microsoft had pointed out in May 2022 (see Basic Authentication in Exchange Online will be discontinued as of October 2022). After all, it had already been announced in September 2021 that Basic Authentication would be disabled in Exchange Online.
0 kommentar(er)
