Search

MC499030 – (Updated) Reminder: Basic Authentication deprecation in Office Apps (archived)

Microsoft Exchange Logo

check before: 2023-02-02

Product:

Azure Active Directory, Entra, Entra ID, Exchange, Microsoft 365 Apps, OneDrive, Outlook, SharePoint, Windows

Platform:

Online, Web, World tenant

Status:

Change type:

Admin impact, Retirement, Updated message, User impact

Links:

MC454810

Details:

Updated April 6, 2023: We have updated the timing for this change below. Thank you for your patience.
This is a reminder that Microsoft 365 Apps are disabling server sign-in prompts using Basic authentication in Office Apps (originally communicated in MC454810, November '22). We are making this change because basic authentication is a legacy authentication method that sends a username and password with each request. As a result, an attacker can access these credentials and use them to access resources. Continued use of Basic Authentication is a big security concern, so we have decided to deprecate it from all tenants.
We will retire this feature in Office Apps version 2301+. Instead, we recommend moving to a more secure authentication method, preferably Modern Authentication, and enabling multi-factor authentication based on OAuth2.0 token-based auth.

This retirement will not affect Exchange Online and Exchange on-premises. Customers using basic authentication to connect to Exchange on-premises/Exchange Online can continue to use basic authentication without any changes to Exchange.
There is a separate effort to retire Outlook connecting to Exchange Online using Basic Authentication. Please see Exchange Online - September 2022 Update.
Windows files share access is not affected. The underlying authentication layer for file share is NTLM, and there is not change to NTLM. More information is here - Microsoft SMB Protocol Authentication - Win32 apps | Microsoft Learn.
Access to files stored on SharePoint on-premises server that are using basic authentication will be blocked. However, files stored on SharePoint Online, OneDrive for Business are not affected. Customers who currently store files on web servers that use Basic authentication can move those files to SharePoint Online, OneDrive for Business, SharePoint Server on-premises or a more secure authentication protocol as a solution.
[When this will happen:]
We will be rolling this change beginning late March and will complete by mid-April.

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:

Created:
2023-01-19

updated:
2023-04-07

the free basic plan is required to see all details. Sign up here


A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.


changes*

DatePropertyoldnew
2023-04-07MC MessagesUpdated February 9, 2023: We have updated the timing for this change below. Thank you for your patience.
This is a reminder that Microsoft 365 Apps are disabling server sign-in prompts using Basic authentication in Office Apps (originally communicated in MC454810, November '22). We are making this change because basic authentication is a legacy authentication method that sends a username and password with each request. As a result, an attacker can access these credentials and use them to access resources. Continued use of Basic Authentication is a big security concern, so we have decided to deprecate it from all tenants.
We will retire this feature in Office Apps version 2301+. Instead, we recommend moving to a more secure authentication method, preferably Modern Authentication, and enabling multi-factor authentication based on OAuth2.0 token-based auth.

This retirement will not affect Exchange Online and Exchange on-premises. Customers using basic authentication to connect to Exchange on-premises/Exchange Online can continue to use basic authentication without any changes to Exchange.
There is a separate effort to retire Outlook connecting to Exchange Online using Basic Authentication. Please see Exchange Online - September 2022 Update.
Windows files share access is not affected. The underlying authentication layer for file share is NTLM, and there is not change to NTLM. More information is here - Microsoft SMB Protocol Authentication - Win32 apps | Microsoft Learn.
Access to files stored on SharePoint on-premises server that are using basic authentication will be blocked. However, files stored on SharePoint Online, OneDrive for Business are not affected. Customers who currently store files on web servers that use Basic authentication can move those files to SharePoint Online, OneDrive for Business, SharePoint Server on-premises or a more secure authentication protocol as a solution.
[When this will happen:]
We will be rolling this change beginning late March (previously early February).
Updated April 6, 2023: We have updated the timing for this change below. Thank you for your patience.
This is a reminder that Microsoft 365 Apps are disabling server sign-in prompts using Basic authentication in Office Apps (originally communicated in MC454810, November '22). We are making this change because basic authentication is a legacy authentication method that sends a username and password with each request. As a result, an attacker can access these credentials and use them to access resources. Continued use of Basic Authentication is a big security concern, so we have decided to deprecate it from all tenants.
We will retire this feature in Office Apps version 2301+. Instead, we recommend moving to a more secure authentication method, preferably Modern Authentication, and enabling multi-factor authentication based on OAuth2.0 token-based auth.

This retirement will not affect Exchange Online and Exchange on-premises. Customers using basic authentication to connect to Exchange on-premises/Exchange Online can continue to use basic authentication without any changes to Exchange.
There is a separate effort to retire Outlook connecting to Exchange Online using Basic Authentication. Please see Exchange Online - September 2022 Update.
Windows files share access is not affected. The underlying authentication layer for file share is NTLM, and there is not change to NTLM. More information is here - Microsoft SMB Protocol Authentication - Win32 apps | Microsoft Learn.
Access to files stored on SharePoint on-premises server that are using basic authentication will be blocked. However, files stored on SharePoint Online, OneDrive for Business are not affected. Customers who currently store files on web servers that use Basic authentication can move those files to SharePoint Online, OneDrive for Business, SharePoint Server on-premises or a more secure authentication protocol as a solution.
[When this will happen:]
We will be rolling this change beginning late March and will complete by mid-April.
2023-04-07MC Last Updated02/09/2023 21:45:072023-04-06T21:28:30Z
2023-02-10MC MessagesUpdated February 2, 2023: We have updated the timing for this change below. Thank you for your patience.
This is a reminder that Microsoft 365 Apps are disabling server sign-in prompts using Basic authentication in Office Apps (originally communicated in MC454810, November '22). We are making this change because basic authentication is a legacy authentication method that sends a username and password with each request. As a result, an attacker can access these credentials and use them to access resources. Continued use of Basic Authentication is a big security concern, so we have decided to deprecate it from all tenants.
We will retire this feature in Office Apps version 2301+. Instead, we recommend moving to a more secure authentication method, preferably Modern Authentication, and enabling multi-factor authentication based on OAuth2.0 token-based auth.

This retirement will not affect Exchange Online and Exchange on-premises. Customers using basic authentication to connect to Exchange on-premises/Exchange Online can continue to use basic authentication without any changes to Exchange.
There is a separate effort to retire Outlook connecting to Exchange Online using Basic Authentication. Please see Exchange Online - September 2022 Update.
Windows files share access is not affected. The underlying authentication layer for file share is NTLM, and there is not change to NTLM. More information is here - Microsoft SMB Protocol Authentication - Win32 apps | Microsoft Learn.
Access to files stored on SharePoint on-premises server that are using basic authentication will be blocked. However, files stored on SharePoint Online, OneDrive for Business are not affected. Customers who currently store files on web servers that use Basic authentication can move those files to SharePoint Online, OneDrive for Business, SharePoint Server on-premises or a more secure authentication protocol as a solution.
[When this will happen:]
We will be rolling this change beginning early February 2023, currently expect to be on February 7, 2023 (subject to change).
Updated February 9, 2023: We have updated the timing for this change below. Thank you for your patience.
This is a reminder that Microsoft 365 Apps are disabling server sign-in prompts using Basic authentication in Office Apps (originally communicated in MC454810, November '22). We are making this change because basic authentication is a legacy authentication method that sends a username and password with each request. As a result, an attacker can access these credentials and use them to access resources. Continued use of Basic Authentication is a big security concern, so we have decided to deprecate it from all tenants.
We will retire this feature in Office Apps version 2301+. Instead, we recommend moving to a more secure authentication method, preferably Modern Authentication, and enabling multi-factor authentication based on OAuth2.0 token-based auth.

This retirement will not affect Exchange Online and Exchange on-premises. Customers using basic authentication to connect to Exchange on-premises/Exchange Online can continue to use basic authentication without any changes to Exchange.
There is a separate effort to retire Outlook connecting to Exchange Online using Basic Authentication. Please see Exchange Online - September 2022 Update.
Windows files share access is not affected. The underlying authentication layer for file share is NTLM, and there is not change to NTLM. More information is here - Microsoft SMB Protocol Authentication - Win32 apps | Microsoft Learn.
Access to files stored on SharePoint on-premises server that are using basic authentication will be blocked. However, files stored on SharePoint Online, OneDrive for Business are not affected. Customers who currently store files on web servers that use Basic authentication can move those files to SharePoint Online, OneDrive for Business, SharePoint Server on-premises or a more secure authentication protocol as a solution.
[When this will happen:]
We will be rolling this change beginning late March (previously early February).
2023-02-10MC Last Updated02/02/2023 21:55:572023-02-09T21:45:07Z
2023-02-03MC MessagesThis is a reminder that Microsoft 365 Apps are disabling server sign-in prompts using Basic authentication in Office Apps (originally communicated in MC454810, November '22). We are making this change because basic authentication is a legacy authentication method that sends a username and password with each request. As a result, an attacker can access these credentials and use them to access resources. Continued use of Basic Authentication is a big security concern, so we have decided to deprecate it from all tenants.
We will retire this feature in Office Apps version 2301+. Instead, we recommend moving to a more secure authentication method, preferably Modern Authentication, and enabling multi-factor authentication based on OAuth2.0 token-based auth.

This retirement will not affect Exchange Online and Exchange on-premises. Customers using basic authentication to connect to Exchange on-premises/Exchange Online can continue to use basic authentication without any changes to Exchange.
There is a separate effort to retire Outlook connecting to Exchange Online using Basic Authentication. Please see Exchange Online - September 2022 Update.
Windows files share access is not affected. The underlying authentication layer for file share is NTLM, and there is not change to NTLM. More information is here - Microsoft SMB Protocol Authentication - Win32 apps | Microsoft Learn.
Access to files stored on SharePoint on-premises server that are using basic authentication will be blocked. However, files stored on SharePoint Online, OneDrive for Business are not affected. Customers who currently store files on web servers that use Basic authentication can move those files to SharePoint Online, OneDrive for Business, SharePoint Server on-premises or a more secure authentication protocol as a solution.
[When this will happen:]
We will be rolling this change beginning late January 2023, currently expect to be on January 23, 2023 (subject to change).
Updated February 2, 2023: We have updated the timing for this change below. Thank you for your patience.
This is a reminder that Microsoft 365 Apps are disabling server sign-in prompts using Basic authentication in Office Apps (originally communicated in MC454810, November '22). We are making this change because basic authentication is a legacy authentication method that sends a username and password with each request. As a result, an attacker can access these credentials and use them to access resources. Continued use of Basic Authentication is a big security concern, so we have decided to deprecate it from all tenants.
We will retire this feature in Office Apps version 2301+. Instead, we recommend moving to a more secure authentication method, preferably Modern Authentication, and enabling multi-factor authentication based on OAuth2.0 token-based auth.

This retirement will not affect Exchange Online and Exchange on-premises. Customers using basic authentication to connect to Exchange on-premises/Exchange Online can continue to use basic authentication without any changes to Exchange.
There is a separate effort to retire Outlook connecting to Exchange Online using Basic Authentication. Please see Exchange Online - September 2022 Update.
Windows files share access is not affected. The underlying authentication layer for file share is NTLM, and there is not change to NTLM. More information is here - Microsoft SMB Protocol Authentication - Win32 apps | Microsoft Learn.
Access to files stored on SharePoint on-premises server that are using basic authentication will be blocked. However, files stored on SharePoint Online, OneDrive for Business are not affected. Customers who currently store files on web servers that use Basic authentication can move those files to SharePoint Online, OneDrive for Business, SharePoint Server on-premises or a more secure authentication protocol as a solution.
[When this will happen:]
We will be rolling this change beginning early February 2023, currently expect to be on February 7, 2023 (subject to change).
2023-02-03MC TitleReminder: Basic Authentication deprecation in Office Apps(Updated) Reminder: Basic Authentication deprecation in Office Apps
2023-02-03MC Last Updated01/19/2023 01:38:282023-02-02T21:55:57Z
2023-02-03MC MessageTagNamesUser impact, Admin impact, RetirementUpdated message, User impact, Admin impact, Retirement

*starting April 2022

Last updated 6 months ago

Share to MS Teams

Login to your account

Welcome Back, We Missed You!