Jun 03 2022 08:39 AM - edited Jun 23 2022 10:52 AM
Basic Authentication which doesn't allow for MFA enforcement will be disabled on October 2022, this means smtp, pop,imap and Exchange ActiveSync (used a lot by iPhone) won't work anymore.
We helped a few tenants make the move and decided to create a guide , hope it helps:
How to successfully disable basic authentication on Microsoft 365 before end of life support
If there are any questions please feel free to post them.
Update: It seems Microsoft might be testing disconnecting some protocols beforehand for a brief period. So if you would like to check if your tenant was affected, open your tenant admin through this link which will pre-fill a support request (image here) and the solution is a test tool which will check which ones are disabled.
Jun 08 2022 01:27 AM - edited Jun 08 2022 01:45 AM
Many thanks for this help. It begins to be clearer but still murky. Still better than Microsoft """explanations""".
So now, I followed your process and discovered that three users (myself included) and an automatic mailbox use the simple authentication. I see it is with "Office 365 Exchange Online". And now what ? I can't manage to understand what is wrong and how to fix it.
Thanks for any more explanations.
edit :
I think this is this point I do not understand :
"After providing instructions to users on how to migrate their devices to Modern Authentication your tenant should prevent those users from adding new devices through legacy authentication.". The tenant (me) does not know how to migrate the devices and not even what devices
Jun 10 2022 03:09 PM
Make sure on your Azure AD sign in logs you enable the Columns Operating System and Device Browser used for the sign in, it will help you understand from which software/device the legacy protocal is being used.
In the OS what does it say ? Are you using iOS ? if so then try removing your account and re-adding it because it still might be using Exchange Active Sync.
Jun 12 2022 02:00 AM
Forgot, on our website we have a Web App which will tell you what devices users are using and will send you either a daily or weekly reminder of new devices users signed in still on legacy protocols.
More info on a Reddit post
Jun 13 2022 01:10 AM
Many thanks for your useful advices.
I would have loved to use the web app but it seems that my M365 business licence is not expensive enough to allow it.
As, on the Microsoft Azure log, the only people to have been signaled with basic authentication (me included) are the only people still with Office 2013, I have tested on my own PC the register modification forcing to use Modern Authentication : HKEY_CURRENT_USER\Software\Microsoft\Exchange\AlwaysUseMSOAuthForAutoDiscover value set to 1 (for the little story behind it, Office 2013 is the last version to NOT have it set by default).
I see now that I am no longer on the "shame list". I'll watch for a while and if my only problems come from it, I'll feel lucky.
Thanks again.
Jun 15 2022 05:20 PM
Jun 15 2022 09:53 PM
M365 business (including office 365 and allowing Outlook on the web) AND office 2013/2016/2019 allowing more complete softwares. Some people prefer the real one to the cloudy other.
Jun 19 2022 02:46 PM
just added a guide on how to handle different types of devices signing in through basic authentication, might be helpful:
how to migrate devices running legacy to modern authentication