Planned deactivation of basic authentication in Exchange Online

conzept 16: Aus für Basic Auth in Exchange Online

Introduction

Microsoft plans to discontinue the so-called “basic authentication” for Exchange Online, which is part of the Microsoft 365 and Office 365 product suite.

Basic Authentication

Applications use this type of authentication to connect to servers or services on the Internet. The user name and password are transmitted unencrypted. Especially a connection without encryption represents a security risk. According to Microsoft, the following services and protocols are affected by the deactivation:

  • Exchange ActiveSync (EAS)
  • POP
  • IMAP
  • Remote PowerShell
  • Exchange Web Services (EWS)
  • Offline Address Book (OAB)
  • Outlook for Windows und Mac
  • SMTP AUTH

 

Modern Authentication

Instead of Basic Authentication on Exchange Online, an OAuth 2.0-based procedure is used. Clients need an access token to establish the connection, which is created by an authentication server (at Microsoft). The token has a limited validity period and is specific to the application. The token cannot therefore be reused, which increases security.

POP, IMAP und SMTP AUTH

The POP, IMAP and SMTP protocols are used by email clients and applications to receive (POP and IMAP) and send (SMTP) email messages. In order for this to continue to work in the future, these applications must support the new authentication procedure (Modern Authentication).

Since conzept 16 offers commands for sending e-mails via SMTP on the one hand and alert mails of the database server also run via this protocol on the other hand, vectorsoft is currently working on support for this new procedure.

Date of the planned changeover

Originally, Microsoft announced th e 1st of October 2022 for the transition of its cloud services. In the meantime, however, there is a postponement until the 31st of December of this year. During this period, Microsoft will continue to allow access via basic authentication. The process will then be discontinued completely at the beginning of 2023.

Sources

Deprecation of Basic authentication in Exchange Online

Basic Authentication Deprecation in Exchange Online – September 2022 Update

Klicken Sie hier, um die Nutzungsbedingungen für unseren Blog zu lesen.

Leave a Reply

Your email address will not be published. Required fields are marked *

Leave the field below empty!

Requests, questions or feedback are welcome:

Terms of use of the comment function in the blog

1. General information

Vectorsoft AG (‘Provider’) provides a public blog for Internet users (‘Users’) on the vectorsoft.de website. The public blog is intended for the exchange of information and ideas. Users who participate with contributions and comments undertake to comply with the blog terms of use and are responsible for the accuracy, appropriateness and freedom from legal infringements of their contributions. By using the comment function in our blog, you accept these terms of use.

2. Netiquette

We ask you to refrain from personal attacks and provocations based on other opinions. Please argue objectively and maintain a constructive discussion culture. Your comment should always be related to the topic in question in order to avoid digressions into other topics. Posting the same comment or several similar comments more than once is not permitted.

3. Prohibition of illegal content

By submitting your comment, you confirm that you are not violating any copyrights or other rights of third parties. Inciting, racist statements, instructions for criminal offences and their glorification, depictions of violence, pornographic content and statements that violate personal rights are prohibited.

4. No advertising

The use of the comment function is not permitted for commercial or party-political purposes. Advertising contributions of any kind will be deleted immediately.

5. Details of the name

When entering your name, pay attention to the principles mentioned above.

6. Source references

If you intend to publish quotes or contributions from third parties, please indicate the respective sources and explain how they relate to the blog post.

7. Violation of the terms of use

Posts that violate this policy will be deleted immediately. If you notice any violations yourself, please send us the link to the comment in question by e-mail to . We expressly point out that we will exclude individual users in the event of repeated or serious violations of these terms of use.

As of: Sept. 2024

Get your Trial Version now!

Test yeet free of charge

IHRE EVALUIERUNGSLIZENZ - JETZT ANFORDERN!

TESTEN SIE DIE CONZEPT 16 VOLLVERSION - UNVERBINDLICH und KOSTENFREI

Subscribe to our newsletter

[cleverreach_signup]
WordPress Cookie Notice by Real Cookie Banner