Microsoft’s new Outlook security changes impact third-party apps and Gmail integration

/

Microsoft’s Secure Future Initiative is kicking in for Outlook.com, with higher levels of security that may impact third-party apps.

Share this story

Outlook illustration

Illustration: The Verge

Microsoft is announcing some changes to Outlook for consumers that will further safeguard accounts. The software maker plans to end support for Basic Authentication for Outlook personal accounts starting on September 16th, it’s removing the light version of the Outlook web application on August 19th, and it will no longer support Gmail accounts in Outlook.com on June 30th. All of these changes are part of Microsoft’s Secure Future Initiative overhaul of its security practices.

Outlook.com, Hotmail, and Live.com users will need to access their email accounts through apps using Modern Authentication starting on September 16th. Support for third-party email apps that don’t use Microsoft’s own login prompt will end later this year. “Microsoft will no longer support Basic Auth, the method in which a person provides only their username and password to sign into their account,” says David Los, partner group product manager for Outlook, in a blog post.

The latest versions of Outlook, Apple Mail, and Thunderbird will all support these changes, so this will largely affect any app that hasn’t been updated to support “Modern Auth,” as Microsoft calls it. “With Modern Authentication methods we apply additional backend process/tokens that users may not notice that add an extra layer of security,” explains Los.

Microsoft is planning to contact affected Outlook users by the end of June to warn them that they’re using an email app that won’t be supported soon. It may be as simple as changing an app’s settings to authenticate using OAuth2 instead of a regular password option or just having to remove the current account and adding it again.

If you’ve noticed password prompts for your Outlook account on an iPhone recently, this could be because you originally configured your account with Basic Authentication. Apple’s latest versions of iOS now support Modern Authentication by default, so if you see password prompts, you’ll need to remove and add the account again. Microsoft has a full support article with more information right here.

Microsoft is also removing the ability for consumers to access Gmail accounts in Outlook.com at the end of the month. This feature was originally introduced in 2019 as a way for Microsoft to integrate Gmail, Google Drive, and Google Calendar into its Outlook.com web mail client. The new Outlook for Windows app and Outlook for Mac will still support Gmail accounts, though.

Microsoft is also continuing to migrate Windows Mail and Calendar users over to its new Outlook for Windows app, ahead of the end of support for the built-in Windows Mail and Calendar apps later this year.

Finally, Microsoft is also planning to remove the light version of the Outlook web app on August 19th, which was originally designed as a lightweight option for older browsers. “As we accelerate our security efforts to help better protect our customers, we are retiring the light version of the Outlook web app,” says Los. “This means that after 2024 customers will need to run the latest versions of a supported browser to run Outlook.com.”

The minimum browser requirements for Outlook.com are Microsoft Edge or Chrome version 79 or later, Firefox version 78 or later, Safari version 16 or later, and Opera version 76 or later. Microsoft will also only support Windows 10 or later and Windows Server 2016 or later for access to Outlook.com. Linux versions of Firefox and Chrome can still access the mail service, alongside macOS Sonoma, Ventura, and Monterey users.

Go to Source