- Microsoft has warned its users multiple times previously about Basic Auth not meeting their security needs anymore.
- Microsoft suggests changing to Modern Auth (OAuth 2.0) for improved security and better protection.
- The Exchange team announced for the last time that Basic Auth would be shut down permanently in early 2023.
Microsoft has warned its users for the final time about Exchange Online‘s Basic Authentication being replaced by Modern Authentication (OAuth 2.0). The company made this warning this year twice, in May and September.
Multiple warnings were issued
Microsoft announced its intention to deprecate Basic Authentication in 2019 and suggested people switch to Modern Authentication. After not many users took action, the company announced again that Basic Auth would be deprecated, planned for October 2022.
The Exchange team declared in a blog post that time was finally up in early January 2023. There would be no way to get it back and calling customer service would not be able to help either. The change to Modern Auth was a must.
Microsoft repeated once more that the change was necessary to protect its users’ data and for many more reasons, explaining in deep with a video on YouTube:
Organizations will be notified seven days before the protocol is disabled for them. Affected apps will start getting an HTTP error 401 for a bad username/password once it is disabled.