OAuth 2.0: Microsoft disables simple authentication

This time we are, Microsoft’s latest notice to its customers.

Starting October 1, 2022 Simple Authentication (Basic Auth) will be disabled for Exchange Online, Exchange ActiveSync (EAS), POP, IMAP, SMTP AUTH, Remote PowerShell, Exchange Web Services (EWS), Offline Address Book (OAB), Outlook for Windows and Mac. (Official Notice: Deprecation of Basic authentication in Exchange Online).

As we had already announced in this article, in order to ensure greater security in their services, Google and Microsoft are carrying out a massive migration to OAuth 2.0 by forcing all third-party applications that use IMAP and POP3 protocols to adapt to this system.

After several invitations and communications addressed to customers to adopt more secure authentication solutions, the official communication from Microsoft of the stop to simple basic Auth authentication has now arrived, which has now become obsolete in terms of security being based on the HTTP protocol.

OAuth 2.0 and ((OTRS)) Community edition: what changes and how to adapt

To overcome the authentication problem we have developed the RexOAuth2 add-ons to be able to adapt your platform.

((OTRS)) Community edition has no longer received updates for a year and is no longer supported by the parent company OTRS AG, the platform therefore, in addition to no longer having a development roadmap, also has several important vulnerabilities that make it absolutely unsafe . We at Rexpondo immediately took charge of the problem by initially collaborating with the German company Otobo and then individually carrying out our fork ((OTRS)) CE ensuring updates and a new development roadmap.

Do you need further information?