Microsoft has set a deadline for the use of Basic Authentication for Exchange (Online). As of October 1, 2022, it is no longer supported.
Alternatives to Basic Authentication
Basic Authentication for MS Exchange or O365 via username and password will no longer be supported for security reasons. Microsoft classifies this approach as outdated and not sufficiently secure. Alternative strategies such as Zero Trust or real-time assessment policies are intended to make unauthorized access to user credentials more difficult. Modern OAuth access tokens reduce the risks of misuse and identity theft due to temporary validity, assignment to specific applications and resources, and support for multifactor authentication.
After October 1, 2022, mail clients will no longer be able to connect to the mail server using Basic Authentication. Therefore, a changeover to modern authentication must be carried out in accordance with Microsoft’s requirements. All email services via Microsoft Exchange or Office 365 are affected, regardless of the used device.
Effects on Mobile Device Management
If an enterprise mobility system is used, the following MDM components may also be affected:
- iOS Mail Client
- different Android mail clients (regardless, if configured via MDM or manually)
- SecurePIM on Android and iOS
Please check your infrastructure for use of Microsoft Basic Authentication and make the recommended changes if needed.
In your MDM system, also check the following points:
- make changes according to Microsoft / introduce an alternative mail app if necessary (if your current app does not support modern authentication)
- adjust configuration changes in MDM
- roll out new configurations or mail client
Since this is a change exclusively on Microsoft side, we must point out that IKARUS cannot provide support for this. If you have any questions about the affected MDM components of your IKARUS mobile.management installation, we will of course be happy to help you!
Read here which services are affected, how you can find out if or where you use the Basic Authentication and which procedures and alternatives are available to you: https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online