Applications have used basic authentication, which simply means the application sends a username and password with every request which are stored or saved on the device, for many years to connect servers, API end points and services.
It’s simple to set up, so is often used as the default on most servers and services. While simple may be effective, it does mean it’s easier for attackers to capture user credentials, and for them to be reused against other end points or services.
Changes are already afoot, but from October 1, 2022, basic authentication for Outlook, EWS, RPS, POP, IMAP and EAS protocols will start being disabled in Exchange Online.
Don’t be alarmed – just like the changes to vSphere, we can help smoothly migrate you to modern authentication and ensure your systems are protected against increased possibilities of threat.
Microsoft has put together a guide to the changes here, but if you want dedicated, bespoke support for your business, get in touch with our team.
Email email@example.com with the subject line ‘Basic authentication’.