Microsoft recently announced that Basic Authentication, which can be used to capture your username and password in your email software, will be switched off permanently in 2022. Therefore, we are here to let you know about all this latest development and how FlexWorkflow RX is prepared for it.
What’s Microsoft changing, and when?
Microsoft Office 365’s basic authentication in Exchange Online uses a username and a password for client access requests. Such an authentication method is outdated and provides a loophole for hackers to hack into users’ accounts by using brute force or password spray attacks.
Thus, effective October 1, 2022, Microsoft will begin to permanently disable Basic Auth for all protocols not being used, includingMAPI, RPC, Offline Address Book (OAB), Exchange Web Services (EWS), POP, IMAP, Exchange ActiveSync (EAS), and Remote PowerShell.SMTP Auth will also be disabled if it is not being used.
To improve the security of Office logins and help prevent data breaches, Microsoft introduced the modern authentication (OAuth 2.0 token-based authorization) method. This method requires additional user authentication and authorization when connecting to online Office 365 resources. Modern authentication has many benefits and improvements that help mitigate the issues with basic authentication. Starting with October 1, 2022, it is the only login method available for Office 365 apps and services.
What does this impact on FlexWorkflow RX?
You may wonder how FlexWorkflow is going to prepare for these changes.
Since elements of our application collaborate with the email servers, including Microsoft Exchange, the good news is that FlexWorkflow RX supports the use of Microsoft Office 365’s Modern Authentication.
If users are still using Basic Authentication, we will also support that until Basic Authentication is not supported anymore.