![]() We take our role in that statement seriously, and our end goal is turning off Basic Auth for all our customers. ![]() ![]() We need to work together to improve security. The original announcement was titled ‘Improving Security – Together’ and that’s never been truer than it is now. Today, we are announcing that, effective October 1, 2022, we will begin to permanently disable Basic Auth in all tenants, regardless of usage, with the exception of SMTP Auth.īasic Authentication is an outdated industry standard, and threats posed by Basic Auth have only increased in the time since we originally announced we were making this change. ![]() The overall scope of the program was also extended to include Exchange Web Services (EWS), Exchange ActiveSync (EAS), POP, IMAP, Remote PowerShell, MAPI, RPC, SMTP AUTH and OAB. In summary, we announced we were postponing disabling Basic Auth for protocols in active use by your tenant until further notice, but that we would continue to disable Basic Auth for all protocols not being used. In February 2021, we announced some changes to our plan for turning off Basic Authentication in Exchange Online. Update: The full timeline for retirement of Basic Authentication in Exchange Online is now published in Basic Authentication Deprecation in Exchange Online – September 2022 Update.
0 Comments
Leave a Reply. |