You are here: / / / / Exchange: Basic Authentication to end

Microsoft to end Basic Authentication for Exchange on Octobre 01, 2022

5. July, 2022

Microsoft has set a deadline for the use of Basic Authentication for Exchange (Online). As of October 1, 2022, it is no longer supported.

Alternatives to Basic Authentication

Basic Authentication for MS Exchange or O365 via username and password will no longer be supported for security reasons. Microsoft classifies this approach as outdated and not sufficiently secure. Alternative strategies such as Zero Trust or real-time assessment policies are intended to make unauthorized access to user credentials more difficult. Modern OAuth access tokens reduce the risks of misuse and identity theft due to temporary validity, assignment to specific applications and resources, and support for multifactor authentication.

After October 1, 2022, mail clients will no longer be able to connect to the mail server using Basic Authentication. Therefore, a changeover to modern authentication must be carried out in accordance with Microsoft’s requirements. All email services via Microsoft Exchange or Office 365 are affected, regardless of the used device.

Effects on Mobile Device Management

If an enterprise mobility system is used, the following MDM components may also be affected:

  • iOS Mail Client
  • different Android mail clients (regardless, if configured via MDM or manually)
  • SecurePIM on Android and iOS

Please check your infrastructure for use of Microsoft Basic Authentication and make the recommended changes if needed.

In your MDM system, also check the following points:

  1. make changes according to Microsoft / introduce an alternative mail app if necessary (if your current app does not support modern authentication)
  2. adjust configuration changes in MDM
  3. roll out new configurations or mail client

Support note

Since this is a change exclusively on Microsoft side, we must point out that IKARUS cannot provide support for this. If you have any questions about the affected MDM components of your IKARUS mobile.management installation, we will of course be happy to help you!

Read here which services are affected, how you can find out if or where you use the Basic Authentication and which procedures and alternatives are available to you: https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online

Security tips conveniently in your inbox: Subscribe to IKARUS News now
Account Management

Account management: The underestimated risk of forgotten user accounts

Bedrohung

Threat Modelling: Guidelines for creating practical threat models

Indicators of Attack

IoC and IoA: definition, examples, benefits

Gefahren durch vertrauenswürdige Services

Living off Trusted Sites: cyber attackers abuse legal services

Threat Intelligence

Effective integration of threat intelligence with cyber defence

SQL Injection

SQL Injection: Attacks by malicious code in website requests

SMTP Smuggling

IKARUS mail.security detects SMTP smuggling

Cyber-Risiken in der Ferienzeit

Cyber risks in the holiday season

passkey

Passkeys as a secure alternative to passwords

Dynamische Cybersicherheit

5 top IT security strategies for dynamic cyber security

NIS2

NIS2 Directive successfully implemented

Harmony Mobile by Check Point

Harmony Mobile new in the IKARUS portfolio

EU Machinery Regulation

EU Machinery Regulation 2023

Sergejs Harlamovs, Malware-Analyst bei IKARUS

Plugin IdaClu accelerates malware analysis

IdaClu: IKARUS malware analyst Sergejs Harlamovs wins Hex-Rays plugin contest
NIS2

Cyber Security Schecks 2023: Funding for NIS2-affected SMEs

Infostealer

Recognise, understand and defend against info stealers

WE ARE LOOKING FORWARD TO HEARING FROM YOU!

IKARUS Security Software GmbH Blechturmgasse 11
1050 Vienna

Phone: +43 (0) 1 58995-0
Sales Hotline:
+43 (0) 1 58995-500

SUPPORT HOTLINE

Support hotline:
+43 (0) 1 58995-400

Support hours:
Mon – Thu: 8am – 5pm
Fri: 8am – 3pm

Remote maintenance software:
AnyDesk Download

MORE INFORMATION

Webshop
Legal notice
GTC
EULA
Privacy Policy
NIS 2: New cyber security guidelinesBlackCat RansomwareHow to protect from the BlackCat Ransomware