While Basic Authentication is no longer recommended, there might be specific scenarios where an application you use relies on it and isn’t compatible with modern methods yet. In such cases, you can enable Basic Authentication for a single mailbox in Exchange Online.
Here’s how to enable Basic Authentication for a single mailbox:
Connect to exchange with powershell then create a new authentication policy:
New-AuthenticationPolicy -Name "Allow Basic Auth SMTP" -AllowBasicAuthSmtp
This will create the new authentication policy and enable basic authentication all at once.
Then, assign that policy to your user:
set-user -identity [email protected] -AuthenticationPolicy "Allow Basic Auth SMTP" -confirm:$false
This new policy can take up to 24 hours to apply to a user, but you can run the below command to attempt to force it to update much faster:
Set-User -Identity [email protected] -STSRefreshTokensValidFrom $([System.DateTime]::UtcNow) -confirm:$false
Remember:
- Enabling Basic Authentication for a mailbox increases security risks. Make sure to migrate your application to modern authentication methods as soon as possible.
- Microsoft plans to completely remove support for Basic Authentication with Exchange Online in September 2025. https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/disable-basic-authentication-in-exchange-online
- Also, you may refer to this post from Microsoft to check for additional settings: https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/authenticated-client-smtp-submission