Basic Authentication: ONE WEEK NOTICE

Approximately 7 days from today, Microsoft are going to permanently turn off basic authentication in the Nexus365 tenancy.
You should only be affected if you have already received a notification from IT Services, which was sent to all identifiable people who were using Basic Authentication in early December 2022.

In September 2019 Microsoft first announced that Basic Authentication was too insecure to be allowed as an ongoing method of authentication. After numerous announcements and updates over the following three years, we are now at the stage where Microsoft are now turning off basic authentication for all their customers worldwide, for the following protocols: MAPI, RPC, Offline Address Book, Exchange Web Services, POP, IMAP, Exchange ActiveSync and Remote PowerShell. The University requested a delay, which was granted, but which has now reached its end.  Today Microsoft selected our tenancy, and in approximately 7 days, they will disable basic authentication for all Exchange Online protocols except SMTP.

How this may affect you
Any clients or applications still using basic authentication with the affected protocols will be unable to connect to Exchange Online.
Note: They are not changing any settings for SMTP AUTH or turning off SMTP AUTH.
Any client (user app, script, integration, etc.) using basic auth for an affected protocol will be unable to connect to Exchange Online. The client will receive an HTTP 401 error: bad username or password. Any app using modern auth for these protocols will be unaffected.

To read more on what can be done to switch apps from basic to modern auth please view our main documentation page and our latest blog.

What can I do if I need more time?
There are no options to re-enable basic auth for these protocols: they will have been permanently disabled. We have already requested an extension, which is now expiring.

Posted in Uncategorized | Comments Off on Basic Authentication: ONE WEEK NOTICE

Comments are closed.