Blog Post

Exchange Team Blog

8 MIN READ

Basic Authentication and Exchange Online – September 2021 Update

Microsoft

Sep 23, 2021

Update: The full timeline for retirement of Basic Authentication in Exchange Online is now published in Basic Authentication Deprecation in Exchange Online – September 2022 Update. In February 2021...

Updated Sep 01, 2022

Version 19.0

Microsoft

Joined April 19, 2019

View Profile

Exchange Team Blog

You Had Me at EHLO.

JPogue

Copper Contributor

Sep 24, 2021

Basic auth is currently disabled in our tenant with an organizational level default Authentication Policy.:

Set-OrganizationConfig -DefaultAuthenticationPolicy <PolicyIdentity>

However, we have a small subset of accounts which still require basic auth for EWS and IMAP so we have a second Authentication Policy which allows basic auth over these protocols, and this policy is applied individually to these accounts. This works as described in this doc: Note that the authentication policies assigned to users take precedence over the default policy. To configure the default authentication policy for the organization, use this syntax:

When Microsoft disables basic auth in Oct 2022, will that override and break the Authentication Policy-based exception we have applied to our small subset of accounts which still need basic auth over EWS and IMAP?