Technical Info: Microsoft Deprecates Basic Authentication – We Are Ready
Microsoft announced the intention of deprecating login by simple user & password and is preparing its users for it. Therefore, we are here to let you know about all this latest development and how Easy Project is prepared for it.
What Changes is Microsoft Making?
Let's start by getting an idea about the changes Microsoft is going to make. One of the things that Microsoft is changing is the ability to use Basic authentication in the following:
- Exchange Online for Exchange ActiveSync (EAS)
- Exchange Web Services (EWS)
- Internet Message Access Protocol (IMAP)
- Offline Address Book (OAB)
- Post Office Protocol (POP)
- Remote Power Shell (RPS)
In addition to this, Microsoft is also disabling SMTP AUTH for all the tenants that are not utilizing it. The decision will make it compulsory for individuals to move from apps that have basic authentication to modern ones.
The reason why they are moving users towards Modern authentication is because of the exceptional benefits it offers. Modern authentication (OAuth 2.0 token-based authorization) enables you to benefit from various advancements that resolve the major problems with basic authentication.
For instance, the OAuth access tokens have a restriction on their usable lifetime. Also, the issuance of an OAuth access token is only for a particular application or a resource.
Therefore, it is not available for reuse. Moreover, it is much more simple and straightforward to facilitate and implement multifactor authentication (MFA) using Modern authentication.
When will The Changes Take Place?
Microsoft is already bringing changes as they are now creating the 365 tenants with the Basic authentication turned off. It is because they already have allowed security defaults. From the 1st of October 2022, Microsoft will disable the Basic authentication in the systems mentioned in the previous section.
At the start of 2021, Microsoft disables the Basic authentication for current tenants that did not have any usage. The message center sends complete updates and notifications to the customers for disabling their basic authentication.
What are the Consequences for Easy Project?
You might be wondering how Easy Project is going to tackle these changes? Since elements of our application collaborate with the email servers, including Microsoft Exchange, we are ready for it. Below are some areas your server admin will need to reevaluate and reanalyze.
E-mail Notifications Configuration
Anyone using the Easy Project on Cloud need not worry about this part. It is valid for Easy Project Server instances which use a Microsoft SMTP (e.g. Exchange) to send e-mail notifications.
If you want to have the Easy Project notifications about the new tasks and updates, you must connect the application with the mail server. The server via which the messages are sent is configured in the configuration.yml file as explained in the knowledge base.
To ensure that Easy Project will be able to connect to the sending mailbox, you need to enable SMTP AUTH on that particular mailbox. The procedure is explained in Microsoft documentation. Once this is allowed, your configuration for Exchange using authentication: :login will normally continue to work as before.
HelpDesk connection to Microsoft mailboxes
The HelpDesk connection to Microsoft mailboxes will impact both the Cloud and Server solutions. It is of particular concern if you are using HelpDesk to process e-mails from a Microsoft mailbox. If the application shows you to certify to the mailbox through the conventional login and password, you will need to reconfigure it via OAuth.
You can go through the HelpDesk manual (chapter 2.2) to know about the complete instructions of the process. To sum up, it will entail adding credentials to your mailbox. You will have to test and ensure the Easy Project can connect with the mailbox.