MC290828: Retire Basic Authentication for protocols

We’re making some changes to improve the security of your tenant. We announced in 2019 we would be retiring Basic Authentication for legacy protocols and in early 2021 we announced we would begin to retire Basic Authentication for protocols not being used in tenants.

Starting 30 days from today we’re going to turn off Basic Authentication for POP3, IMAP4, Remote PowerShell, Exchange Web Services, Offline Address Book, MAPI, RPC, and Exchange ActiveSync protocol in your tenant, and will also disable SMTP AUTH completely.

MC290828: Retire Basic Authentication for protocols

Note: Based on our telemetry, no users in your tenant are currently using Basic Authentication with those protocols and so we expect there to be no impact to you.

We previously communicated this change via Message Center: MC191153 (Sept. ‘19), MC204828 (Feb. ‘20), MC208814 (April ‘20) and MC23771 (Feb. ‘21) and you can always read the latest information about our plans to turn off Basic Authentication here.

We will send another Message Center post when we make the change. You may receive additional notifications if any other protocols could be affected.

How this will affect your organization

Once this change is made, users in your tenant will be unable to access their Exchange Online mailbox using Basic Authentication and these specific protocols.

If Modern Auth for Outlook for Windows is not already enabled in your tenant, we will also enable it, ensuring you can connect securely using up to date versions of Outlook. Please see here for additional information.

Opting Out of this Change

You can opt out of this change by following the steps outlined here within the next 30 days.

What you need to do to prepare

This is for your awareness only. If you experience any issues, please follow your standard support processes.

Message ID: MC290828