Changes to Legacy Messaging Protocol Authentication

Modern authentication uses OAuth, a widely adopted framework that provides a secure user authentication workflow and includes support for interactive multi-factor authentication and risk analysis.  Basic authentication, in contrast, uses a simple username and password and is vulnerable to modern attack vectors.  ITS strategically transitioned to modern from basic authentication for Microsoft Outlook in 2021, but a minority of accounts continue to use legacy protocols for both authentication and access.  Starting on October 1, 2022,  Microsoft (MS) is formally deprecating the basic authentication method on Office 365 at which time customers will no longer be able to use it for the following email related protocols: POP, IMAP, Authenticated SMTP for Office 365, ActiveSync and Exchange Web Services (EWS).  While the protocols themselves are not being deprecated, customers will need to transition to modern authentication to use these services.  Contemporary email clients and applications can generally be reconfigured to use modern authentication and ITS will be sending targeted communications this August with specific information about required changes.