Deprecation of Basic Authentication in Office 365

Incident Report for Zix | AppRiver

Resolved

This incident has been resolved.

Posted Feb 06, 2023 - 15:02 CST

Update

To resolve the Outlook desktop disconnection issue, you will first need to ensure modern authentication is enabled on the local machine. The below article will walk you through how to enable Modern Authentication as well as provide you steps for getting Outlook successfully reconnected:

How to enable modern authentication for Outlook to resolve end of basic authentication issue - How do I enable Modern Authentication?

To resolve the Mobile Device disconnection issue, you will just need to remove the current account from the device and then add it back:

- Iphone Configuration
- Android Configuration

* All versions of Outlook and Office that are still supported today support the use of Modern Authentication.

* All modern mobile devices, including iPhones and other iOS devices, as well as Android devices including Samsung and Motorola devices, support Modern Authentication in their native email client applications (including the Gmail app for all modern Android devices).

* Outlook for iOS and Android supports Modern Authentication and is the recommended email client for mobile devices.

* While IMAP and POP protocols now support modern authentication, this is intended for continued use of third-party applications ONLY. There is no plan for Outlook clients to support OAuth for POP and IMAP, but Outlook can connect using MAPI/HTTP (Windows clients) and EWS (Outlook for Mac). IMAP, POP and SMTP Auth

Check out the latest blog post from Microsoft on this topic.

This WILL NOT affect domains that are on our Hosted Exchange (Hex) platform.

Posted Oct 14, 2022 - 09:44 CDT

Update

We are continuing to monitor for any further issues.

Posted Oct 14, 2022 - 09:26 CDT

Update

Microsoft has announced deprecation, or sunsetting, of legacy authentication protocols (Basic Authentication), beginning October 1, 2022. Basic authentication has been replaced with Modern Authentication, which supports Multi-Factor Authentication for enhanced security.

IMPORTANT:
What does this mean for your organization?

It is very unlikely your organization will be affected by the change as this is a phased rollout that has been occurring over a few years.
* Modern Authentication is already enabled by default for all Office 365 tenants.
* All versions of Outlook and Office that are still supported today support the use of Modern Authentication.
* All modern mobile devices, including iPhones and other iOS devices, as well as Android devices including Samsung and Motorola devices, support Modern Authentication in their native email client applications (including the Gmail app for all modern Android devices).
* Outlook for iOS and Android supports Modern Authentication and is the recommended email client for mobile devices
* While IMAP and POP protocols now support modern authentication, this is intended for continued use of third-party applications. Microsoft recommends the use of Outlook on the Web (OWA) over POP or IMAP in mail client applications, including Microsoft Outlook desktop applications, for end users email client access.
https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online#pop-imap-and-smtp-auth

* AD Connect supports Modern Authentication for organizations with hybrid identity management.

There are a limited number of scenarios where an organization may have client applications that still use Basic authentication which could be affected. We have provided step by step instructions with links to resources for administrators to identify potentially affected applications and users in the following KB article for your reference:
https://support.zixcorp.com/app/answers/detail/a_id/1781

Microsoft has provided updates on this topic in a series of blog posts over the past few years to help administrators prepare for these changes to enhance security of Office 365 services and applications.
The official documentation including the announcement and resources to ensure your organization is prepared can be found here:
https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online

To check out the latest blog post from Microsoft on this topic please refer to the following:
https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-may-2022/ba-p/3301866

How to enable modern authentication for Outlook to resolve end of basic authentication issue - How do I enable Modern Authentication?

This WILL NOT affect domains that are on our Hosted Exchange (Hex) platform.

Posted Sep 27, 2022 - 13:41 CDT

Update

Monitoring - Microsoft has announced deprecation, or sunsetting, of legacy authentication protocols (Basic Authentication), beginning October 1, 2022. Basic authentication has been replaced with Modern Authentication, which supports Multi-Factor Authentication for enhanced security.

IMPORTANT:
What does this mean for your organization?

It is very unlikely your organization will be affected by the change as this is a phased rollout that has been occurring over a few years.
* Modern Authentication is already enabled by default for all Office 365 tenants.
* All versions of Outlook and Office that are still supported today support the use of Modern Authentication.
* All modern mobile devices, including iPhones and other iOS devices, as well as Android devices including Samsung and Motorola devices, support Modern Authentication in their native email client applications (including the Gmail app for all modern Android devices).
* Outlook for iOS and Android supports Modern Authentication and is the recommended email client for mobile devices
* While IMAP and POP protocols now support modern authentication, this is intended for continued use of third-party applications. Microsoft recommends the use of Outlook on the Web (OWA) over POP or IMAP in mail client applications, including Microsoft Outlook desktop applications, for end users email client access.
https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online#pop-imap-and-smtp-auth

* AD Connect supports Modern Authentication for organizations with hybrid identity management.

There are a limited number of scenarios where an organization may have client applications that still use Basic authentication which could be affected. We have provided step by step instructions with links to resources for administrators to identify potentially affected applications and users in the following KB article for your reference:
https://support.zixcorp.com/app/answers/detail/a_id/1781

Microsoft has provided updates on this topic in a series of blog posts over the past few years to help administrators prepare for these changes to enhance security of Office 365 services and applications.
The official documentation including the announcement and resources to ensure your organization is prepared can be found here:
https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online

To check out the latest blog post from Microsoft on this topic please refer to the following:
https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-may-2022/ba-p/3301866

How to enable modern authentication for Outlook to resolve end of basic authentication issue - How do I enable Modern Authentication? (zixcorp.com)

This WILL NOT affect domains that are on our Hosted Exchange (Hex) platform.

Posted Sep 12, 2022 - 11:33 CDT

Update

We are continuing to monitor for any further issues.

Posted Aug 25, 2022 - 14:39 CDT

Monitoring

Microsoft has announced deprecation, or sunsetting, of legacy authentication protocols (Basic Authentication), beginning October 1, 2022. Basic authentication has been replaced with Modern Authentication, which supports Multi-Factor Authentication for enhanced security.

IMPORTANT:
What does this mean for your organization?

It is very unlikely your organization will be affected by the change as this is a phased rollout that has been occurring over a few years.
* Modern Authentication is already enabled by default for all Office 365 tenants.
* All versions of Outlook and Office that are still supported today support the use of Modern Authentication.
* All modern mobile devices, including iPhones and other iOS devices, as well as Android devices including Samsung and Motorola devices, support Modern Authentication in their native email client applications (including the Gmail app for all modern Android devices).
* Outlook for iOS and Android supports Modern Authentication and is the recommended email client for mobile devices
* While IMAP and POP protocols now support modern authentication, this is intended for continued use of third-party applications. Microsoft recommends the use of Outlook on the Web (OWA) over POP or IMAP in mail client applications, including Microsoft Outlook desktop applications, for end users email client access.
https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online#pop-imap-and-smtp-auth

* AD Connect supports Modern Authentication for organizations with hybrid identity management.

There are a limited number of scenarios where an organization may have client applications that still use Basic authentication which could be affected. We have provided step by step instructions with links to resources for administrators to identify potentially affected applications and users in the following KB article for your reference:
https://support.zixcorp.com/app/answers/detail/a_id/1781

Microsoft has provided updates on this topic in a series of blog posts over the past few years to help administrators prepare for these changes to enhance security of Office 365 services and applications.
The official documentation including the announcement and resources to ensure your organization is prepared can be found here:
https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online

To check out the latest blog post from Microsoft on this topic please refer to the following:
https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-may-2022/ba-p/3301866

This will not affect domains that are on our Hosted Exchange (Hex) platform.

Posted Aug 03, 2022 - 10:08 CDT

This incident affected: Office 365.