Microsoft has announced a series of enhancements in cybersecurity for its personal email accounts in Outlook as part of its ‘Secure Future Initiative’. One of the most significant changes is the deactivation of basic authentication (username and password) starting on September 16, 2024.
End of Basic Authentication
Starting on the specified date, Microsoft will remove basic authentication for all personal Outlook accounts, including Outlook.com, Hotmail.com, and Live.com. This authentication method, which sends credentials without encryption, will be replaced by modern and more secure authentication methods.
“While basic authentication was the standard for quite some time, it also made it easier for attackers to capture a person’s login information,” explained Microsoft. “Email-based cyber attacks have increased over time, so we require modern authentication for all Outlook customers to better protect their personal accounts.”
Adoption of Modern Authentication
With the transition to modern authentication methods, basic authentication credentials will be replaced by token-based authentication backed by multifactor authentication (MFA). This measure aims to reduce the risk of stolen credentials being reused to access emails and personal data.
However, this transition will impact users who use older applications that only support basic authentication, who will no longer be able to access their Outlook.com, Hotmail.com, or Live.com email accounts after September 16. These users will need to switch to the latest versions of supported email clients, such as Outlook, Outlook for Windows, Apple Mail, or Thunderbird.
Users with a Microsoft 365 subscription can use the Outlook version included in their plan, while those with Outlook 2021 (build 11601.10000 or higher) already have ‘Modern Authentication’ and will not be affected.
Deactivation of Apps and Features
Microsoft has also announced the end of support for the ‘Mail’ and ‘Calendar’ apps on Windows, urging users to migrate to the new Outlook for Windows, which offers enhanced security. These apps will be available in the Microsoft Store until December 31, 2024, after which they will no longer be supported.
Furthermore, Microsoft will deactivate the “light” version of Outlook Web App on August 19, 2024, due to its degraded experience and lower security standards. As of June 30, 2024, Outlook.com will no longer allow users to access Gmail accounts, although this functionality will continue to be available in standalone Outlook clients for Windows and Mac.
Finally, as a result of Cortana’s deactivation, the ‘Play my emails’ and ‘Voice search’ features in Outlook mobile will also be removed by the end of this month.
Towards a Safer Future
These changes are part of Microsoft’s ongoing efforts to strengthen the security of its services and better protect its users against growing cyber threats. By adopting more modern and secure authentication measures, Microsoft aims to provide a more reliable and protected email experience for all its users.