Microsoft
MicrosoftJust received an email from Microsoft that that "...On 30 September 2024, the ability to manage authentication methods in the legacy multifactor authentication (MFA) and self-service password reset (SSPR) policies will be retired..". I have talked with support about this and they said that with legacy per-user MFA deprecation app passwords will stop working even for those using them with basic SMTP AUTH.
Greg Taylor - EXCHANGE can you comment on that? Does this mean that SMTP AUTH basic authentication will come essentially useless on the 30th of September 2024, unless one completely disables MFA on those accounts?
I'm asking because we are line of business application vendor with a functionality to send email via SMTP. Thousands of our clients use smtp.office365.com integrated to the application to send their reports via email. Usually we have advised them to use app passwords for that.
Now it seams they won't be able to use application in a secure way if they will choose Microsoft as an SMTP provider.
We also cannot migrate to OAuth2 because application is on-premise based which doesn't work well with OAuth2.
