• Skip to primary navigation
  • Skip to main content
site logo
  • About
    • Approach
    • Partnerships
    • Mission
    • Leadership
    • Awards
    • Arraya Cares
  • Solutions
    • Solutions

    • Hybrid Infrastructure
      • Hyperconverged
      • Infrastructure as a Service
      • Servers, Storage, and Virtualization
      • Data Protection
      • Disaster Recovery & Business Continuity
    • Apps & Data
      • AI
      • Automation
      • Customizations
      • Visualizations & Integrations
      • Migrations
    • Network
      • Enterprise Networks
      • Wireless Connectivity
      • Cloud Networking Solutions
      • IoT
    • Cybersecurity
      • Endpoint Security
      • Network Security
      • Cloud Security
      • Application Security
    • Modern Workplace
      • Microsoft Licensing
      • Productivity & Collaboration
      • Modern Endpoint Deployment & Management
      • Microsoft Compliance & Risk
      • Backup
      • Cloud
  • Services
    • Services

    • Managed Services
      • Service Desk
      • Outsourced IT
      • Managed Security
      • Managed NOC
      • Arraya Adaptive Management for Microsoft Technologies
      • ADEPT: Arraya's White Label Program
    • Advisory Services
      • Assessments
      • Strategy
      • vCTO
      • vCISO
      • Enterprise Architecture
    • Staffing
      • Infrastructure Engineering
      • Security & Compliance
      • Application & Software
    • Professional Services
      • Project Management 
      • Systems Integration 
      • Mergers & Acquisitions
      • Knowledge & Skills Transfer 
  • Industries
    • Education
    • Finance
    • Healthcare
    • Legal
    • Manufacturing
    • Software and Services
  • Insights
    • News
    • Blog
    • Events
    • Videos
    • Case studies
  • Careers
  • CSP Login
search icon
Contact Us

Ask a Tech: Microsoft to End Support for Basic Authentication

Microsoft Basic Authentication passwords

As part of the company’s ongoing efforts to boost security throughout its solution portfolio, Microsoft has announced that, during the second half of 2021, it will pull the plug on basic authentication in Exchange Online. From that point on, applications and user identities must be validated via – what else? – modern authentication.

We checked in with our Workspace Team to learn more about basic authentication, modern authentication and the transition from one to the next. Here’s what they shared:

Arraya Insights: What’s the difference between basic and modern authentication?

Workspace Team: Not to get overly technical, but one is modern and the other one is not. Basic authentication uses only usernames and passwords to verify the legitimacy of actions taken on an application. As such, basic authentication is vulnerable should users have their credentials stolen. It’s also challenging to supplement basic authentication with greater security through multifactor authentication (MFA). Essentially, all of the things that keep security pros up at night. Modern authentication solves this by adding another layer of verification into the mix, incorporating OAuth tokens to ensure the person is who he or she claims to be.  

AI: What will (and won’t) be affected by this change?

WT: Specially, end of support for basic authentication will impact utilities like Exchange Web Services (including Outlook for Windows and Outlook for Mac), Exchange Online ActiveSync (EAS) as well as POP and IMAP connections. Admins take note: This change will also affect Remote PowerShell. It is worth singling out one thing in particular that will explicitly not be affected: SMTP Auth. At least, that is, it won’t be affected for the time being. Microsoft’s reasoning for exempting SMTP is straightforward enough: It would be too disruptive. Vast numbers of devices count on SMTP to send emails. Taking that out of the equation would, in turn, change this from a topic for a single blog post to a series.    

AI: Are all versions of Outlook for Windows and Outlook for Mac affected?

WT: Unless your organization is using an older or out-of-date version of either solution, you’re likely going to be OK on this front. Outlook for Windows began supporting modern authentication with its Outlook 2013 release, although it needed a registry key to activate. Outlook 2016 had support for modern authentication enabled by default. Outlook for Mac has also supported modern authentication since its 2016 edition. 

AI: What about my devices that rely on POP and IMAP? 

WT: If your POP or IMAP-synced devices can be updated to support modern authentication, then don’t worry. You’re in the clear and they should continue to function as expected once you make that changeover. POP or IMAP devices set to poll for emails and that can’t, for whatever reason, be updated will run into issues. Organizations with anything fitting that bill will want to make sure they’ve addressed it long before that point to avoid any service interruption.      

AI: How can I figure out the size of my basic authentication footprint?

WT: One way to see everything in your tenant still leveraging basic authentication is to use the Azure AD Sign-In Report. Microsoft recently added the ability to track authentication method to this report. If you’re unfamiliar, this tool can be found in a side menu in the Azure AD admin center under the designation: Sign Ins. In its default state, this report tracks sign-ins, dates, times, IP addresses, however it can be enhanced to include client app. You can then apply filters to the list to pare it down until only connections taking place through basic authentication remain. It’s also possible to root out basic authentication in Outlook by way of looking at the dialogue box that pops up, as demonstrated HERE by Microsoft. You can also hold CTRL and right click the Outlook tray icon and from there choose Connection Status. In the window that opens, any connection labeled “Bearer” uses modern authentication while those marked “Clear” use basic.

AI: What does this mean for PowerShell?

WT: In a recent blog post on the subject, Microsoft committed to supporting “non-interactive scripts” by way of Remote PowerShell and certificate-based authentication. This project, however, is ongoing and will likely remain so for the next several months. In the meantime, the company pointed admins-in-need toward PowerShell V2 Module as well as Azure Cloud Shell.   

Next Steps: Get reading for basic authentication end of support

Need help prepping your environment for basic authentication hits end of support? Arraya can help. Our team of workspace experts will help you track down and resolve any possible sticking points so that your organization won’t have to worry about any interruptions. Visit https://www.arrayasolutions.com//contact-us/ to start a conversation with our team now.

We want to hear your take! Leave us a comment on this or any of our blog posts by way of social media. Arraya can be found on LinkedIn, Twitter, and Facebook. While you’re there, follow us to stay up to date on our industry insights and unique IT learning opportunities.

Arraya Insights
Back to Top
Arraya Solutions logo

We combine technological expertise and personal service to educate and empower our customers to solve their individual IT challenges.

518 Township Line Road
Suite 250, Blue Bell, PA 19422

p: (866) 229-6234     f: (610) 684-8655
e: info@arrayasolutions.com

  • Careers
  • Privacy Policy
  • Contact Us

© 2025 Arraya Solutions. All rights reserved.

Facebook Twitter YouTube LinkedIn
Manage Cookie Consent
We use cookies to enhance your experience. By selecting “Accept,” you agree to our cookie policy.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}