• Skip to primary navigation
  • Skip to main content
site logo
  • About
    • Approach
    • Partnerships
    • Mission
    • Leadership
    • Awards
    • Arraya Cares
  • Solutions
    • Solutions

    • Hybrid Infrastructure
      • Hyperconverged
      • Infrastructure as a Service
      • Servers, Storage, and Virtualization
      • Data Protection
      • Disaster Recovery & Business Continuity
    • Apps & Data
      • AI
      • Automation
      • Customizations
      • Visualizations & Integrations
      • Migrations
    • Network
      • Enterprise Networks
      • Wireless Connectivity
      • Cloud Networking Solutions
      • IoT
    • Cybersecurity
      • Endpoint Security
      • Network Security
      • Cloud Security
      • Application Security
    • Modern Workplace
      • Microsoft Licensing
      • Productivity & Collaboration
      • Modern Endpoint Deployment & Management
      • Microsoft Compliance & Risk
      • Backup
      • Cloud
  • Services
    • Services

    • Managed Services
      • Service Desk
      • Outsourced IT
      • Managed Security
      • Managed NOC
      • Arraya Adaptive Management for Microsoft Technologies
      • ADEPT: Arraya's White Label Program
    • Advisory Services
      • Assessments
      • Strategy
      • vCTO
      • vCISO
      • Enterprise Architecture
    • Staffing
      • Infrastructure Engineering
      • Security & Compliance
      • Application & Software
    • Professional Services
      • Project Management 
      • Systems Integration 
      • Mergers & Acquisitions
      • Knowledge & Skills Transfer 
  • Industries
    • Education
    • Finance
    • Healthcare
    • Legal
    • Manufacturing
    • Software and Services
  • Insights
    • News
    • Blog
    • Events
    • Videos
    • Case studies
  • Careers
  • CSP Login
search icon
Contact Us

Microsoft to Disable Basic Authentication in October 2022: Here’s How to Prepare

Microsoft has announced that they’ll be turning off Basic Authentication permanently, as of October 1, 2022. This will be turned off for all protocols in all tenants for Exchange Online. Your Exchange account hosts your work emails, contacts, and calendar.  

Basic authentication (also known as proxy authentication) requires only a username and a password for client access requests. The username and password are often stored locally on the device.  

While this authentication model was previously the industry standard, it’s now outdated and can pose a significant security risk for those still using it. Attackers can easily steal these credentials when connections are not secured. 

Many users who transitioned from on premises to the cloud have continued to use basic authentication. Microsoft is removing this as an option, so all users are forced to use modern authentication, a more secure method.  

Users should begin transitioning to modern authentication if they haven’t already done so.  

What is Modern Authentication? 

Modern authentication is a more secure method of identity management.  

Modern authentication is an umbrella term for a combination of authentication and authorization methods between a client (for example, your laptop or your phone) and a server, as well as some security measures that rely on access policies that you may already be familiar with. 

This includes: 

  • Authentication methods: Multi-factor authentication (MFA); smart card authentication; client certificate-based authentication 
  • Authorization methods: Microsoft’s implementation of Open Authorization (OAuth) 
  • Conditional access policies: Mobile Application Management (MAM) and Azure Active Directory (Azure AD) Conditional Access 

Microsoft is disabling basic authorization to protect the millions of Microsoft Exchange online users. Requiring MFA significantly improves the security of data in your tenant.  

Before You Block Basic Authentication, Complete the Following Steps:   

  • Verify that modern authentication is enabled in your Exchange Online organization (it’s enabled by default) 
  • Verify that your email clients and apps support modern authentication and verify that your Outlook desktop clients are running the minimum required cumulative updates 
  • Connect to Exchange Online PowerShell 

Disabling Basic Authentication in Exchange Online 

You can block Basic Authentication in Exchange online by creating and assigning authentication policies to individual users. You’ll need to create and assign auth policies to individual users to disable Basic Authorization in Exchange Online.  

Here’s how: 

  1. Create the authentication policy 

Note that you can’t change the name of the policy after you create it.  

  1. Assign the authentication policy to users 

This can be done through individual user accounts, through filtering user accounts by attributes, using a list of specific user accounts, or by filtering on-premises Active Directory user accounts that are synchronized to Exchange Online.  

  1. Wait 24 hours for the policy to be applied to users, or force the policy to be immediately applied 

By default, the changes take effect within 24 hours, but by using the following syntax, you can force the policy to take effect within 30 minutes: 

Set-User -Identity <UserIdentity> -STSRefreshTokensValidFrom $([System.DateTime]::UtcNow) 

Next Steps: Begin the Transition from Basic to Modern Authorization 

Active Directory Federation Services (ADFS) will be affected through this transition. Those still using ADFS will need to migrate to Azure authentication. If you’re still using ADFS, we can help you with the process of migrating to Azure Active Directory (AD).  

The longer you rely on basic authorization, the more you’re putting your business at risk. Contact an Arraya expert today to begin the transition to modern authentication.  

Visit https://www.arrayasolutions.com//contact-us/ to connect with our team now.     

Comment on this and all of our posts on: LinkedIn, Twitter and Facebook.     

Follow us to stay up to date on our industry insights and unique IT learning opportunities.     

   

Arraya Insights
Back to Top
Arraya Solutions logo

We combine technological expertise and personal service to educate and empower our customers to solve their individual IT challenges.

518 Township Line Road
Suite 250, Blue Bell, PA 19422

p: (866) 229-6234     f: (610) 684-8655
e: info@arrayasolutions.com

  • Careers
  • Privacy Policy
  • Contact Us

© 2025 Arraya Solutions. All rights reserved.

Facebook Twitter YouTube LinkedIn
Manage Cookie Consent
We use cookies to enhance your experience. By selecting “Accept,” you agree to our cookie policy.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}