Retirement of Basic Authentication in Microsoft 365 E-mail

Microsoft announced that on October 1, 2022, Basic Authentication would be permanently disabled in Microsoft 365 for all organizations. While Basic Authentication relies solely on a username and password and is simple and convenient, it poses serious security risks for users and the University.

While most UWindsor IT systems and software support Modern Authentication, some older systems and software versions still depend on the legacy Basic Authentication. One of these systems is Microsoft Exchange and Outlook (part of Microsoft Office). This change will affect anyone who may be using a mobile device that is still relying on the Basic Authentication to access email, or anyone who is still using an older and unsupported version of Microsoft Office.

Affected User Categories

If you have accessed Microsoft 365 services using Basic Authentication in the last 30 days, we sent you an e-mail message to let you know that you need to take action to avoid the loss of access. Users who will be affected by this change fall into one of these categories:

  • iPhone and iPad Apple operating systems (iOS) users 

Those who use the native mail app (including contacts and calendars apps) that has not been updated to Modern Authentication. 

Actions:

Update the iOS before October 1, 2022. Follow the prompt to switch from Basic to Modern Authentication when installing iOS update to version 15.6. It may take up to two weeks for the notification. To speed up this process, go to Settings > Mail > Accounts, select the UWindsor account and then tap "Re-enter Password".

Alternatively, remove the University's Office 365 account from the device and then add it back by following the steps in this knowledge base article.

Or, install the Outlook app for free from Apple's App store (recommended).

 

  • Android users 

Those who use the Android device’s native mail app configured to access mail, calendar or contacts.

Actions:

Due to the wide variety of Android devices, operating systems (OS) versions, and vendor customization, check to see if the Android mail/calendar/contacts app supports Modern Authentication.

Or, install the Outlook app for free from the Google Play Store (recommended), especially in the case where the phone’s vendor does not support Modern Authentication.    

 

  • Older versions of Microsoft Office users

Those who have Outlook 2007, 2010 and 2013 installed on their computer.

Action:

Replace the older version with the latest supported version of Outlook 365 (active employees and students) or use the web version of Outlook (alumni and retirees).

 

  • Printers, copiers, and other applications that connect to Exchange Online with Basic Authentication

Devices that use Basic Authentication to access a mailbox and read mail will not work after October 1 unless they have a newer protocol called OAuth.

Action:

Administrators of these devices and apps will need to make configuration changes.

Note that sending emails using SMTP is not affected. IT Services informed those responsible for supporting these devices. 

 

The following protocols using Basic Authentication will be turned off:

  • IMAP4
  • POP3
  • Exchange Web Services
  • MAPI
  • RPC
  • Remote PowerShell
  • ActiveSync
  • Office Address Book

Additional Resources

Details

Article ID: 146426
Created
Tue 9/6/22 2:01 PM
Modified
Fri 9/9/22 10:03 AM

Related Articles (5)

There are two ways to access your University Office 365 account on your iOS device - either with the native built in Mail, Contacts and Calendars app, or with Microsoft's Outlook app, available from the Apple App Store.
All workstations managed by Intune will receive an automated installation of Microsoft 365 Apps (formerly Office 365 Pro Plus). The procedure outlined in this article should only be used on workstations that have not yet been upgraded to Modern Desktop as well as BYOD workstations (eg. home computer) and student computers.
Starting November 1, 2021,older versions of Outlook for Windows will no longer be able to connect to Office 365 and Microsoft 365 services in the cloud.
Multi-Factor Authentication (MFA) combines two or more independent credentials - what you know (your password) with something you have (mobile phone) in order to create a second layer of security for your UWin Account. Even if someone knows your password, they will be prevented from accessing your account when it is protected by MFA.
Windows Hello is a feature of Windows 10/11 that allows users to configure PIN on each of their workstations that can be used to sign into Windows instead of the password, although signing in with a password is still possible on that same workstation. In addition to a PIN, users can also use other methods to sign into Windows, such as a fingerprint scan or a facial recognition (biometrics).