![]() Not the kind of thing you want users to be confronted with.Īny application that uses Modern Authentication for the same protocols is not affected. The application will receive a HTTP 401 error: bad username or password. If you’re using Basic Authentication for one of the affected protocols, they will not be able to connect once this is turned off. Microsoft recommends disabling SMPT AUTH at the tenant level and re-enabling it only for the user accounts that still need it. To be precise, Microsoft will disable Basic Authentication for the following protocols: MAPI, RPC, Offline Address Book (OAB), Exchange Web Services (EWS), POP, IMAP, Exchange ActiveSync (EAS), and Remote PowerShell. ![]() Seven days in advance, affected companies will receive a warning and a Service Health Dashboard note about the upcoming change. Microsoft goes through these tenants in random order. What will Microsoft do?įrom October 1, 2022, Microsoft will begin disabling Basic Authentication in its global multi-tenant service. Every day that you’re still using Basic Authentication, you run the risk of being attacked. ![]() This relies on a username and password for access requests, which is susceptible to security issues related to brute force attacks, password spray attacks and more. Many companies are still using Basic Authentication for Exchange Online. Consistent, round-the-clock management across all services.
0 Comments
Leave a Reply. |