Exchange Online – Get ready for the retirement of Basic Authentication

In the process of re enforcing security, one of the key is to use robust and secure authentication protocols and methods.

With that in mind, get ready for the retirement of the basic authentication in Exchange Online for POP and IMAP.

If you use POP and/or IMAP to connect to an Exchange Online mailbox, you will need to ensure your client (either mail client, third party software or network enabled device like printer or scanner) can use OAuth to authenticate against Exchange Online.

In addition, PowerShell and Exchange ActiveSync (EAS) will also be affected by this.

It is expected you already have switch to use the Exchange Online PowerShell v2 module (https://docs.microsoft.com/powershell/exchange/exchange-online/exchange-online-powershell-v2/exchange-online-powershell-v2?view=exchange-ps) for your Exchange Online automation with PowerShell.

Regarding EAS, you should switch to Outlook Mobile application.

The roll out has started and is scheduled to be completed by October 2020.

You can search and look for the authentication method used by using the Azure Active Directory sign-ins report.

Connect to either your Azure portal (https://portal.azure.com/) or Azure AD portal (https://aad.portal.azure.com/) and reach out to the Azure Active Directory\Sign-ins blade under the Monitoring section

image  image

Then you can filter by Client app

image

Which then will allow you to filter by client app type (IMAP, EAS, POP…)

image

You can now analyse the report to identify what/who is going to be impacted.

Leave a Comment

Your email address will not be published.