Legacy Applications and Microsoft Log In Security Improvements

What is Happening?

On April 8, 2021 OU IT will end support for basic authentication methods used by older desktop and mobile apps to access or sync your OU email, calendar, and other Microsoft 365 tools. These apps could include older versions of iOS Mail, 3rd party Android mail apps, or Outlook 2013 or older desktop clients.

These "Basic" or "Legacy" authentication methods are terms used to describe less-secure ways of accessing a mailbox or calendar. Changing technology has made more secure ways, like using Multi-Factor Authentication, more prevalent. These more-secure methods are often referred to as "Modern Authentication." Unfortunately older authentication methods are still being used by many outdated applications found on computers, phones and tablets. Because these older methods of authenticating are less secure, Microsoft is currently moving towards disallowing these older authentication methods to be used at all. For this reason, OU IT is following these best practices to make your mailbox and calendar more secure and stay in line with current security advancements. Please see the "What should I do?" section below for information on updating the application or program you are using to access your mail or calendar.

How Will This Change Affect Me?

Any of your apps using basic authentication will lose access to OU email, calendar, or Microsoft 365 services during the week of April 12. This may include up-to-date apps that are using a less secure authentication version. Affected users will need to update their system (OS) or application software to a supported version or access their email via a browser. If all apps are updated, users may need to delete their account from the app and re-add it using a more secure authentication method.

How Will I Know if This Affects Me?

After April 8th, affected users will either be unable to log into their impacted application(s) and/or will receive one final email to their impacted application(s) that is using basic authentication methods stating "Your email access has been blocked". At that point, the email/calendar account will no longer be updated within that app. Applications that are utilizing approved authentication methods will continue to function normally and will not receive this notification email.

OU IT attempted to identify individuals that we detected would be impacted and sent multiple emails concerning this change to these users. Because of  the numerous different email client configurations, some users may not have been notified. Though most users did receive multiple notifications, we do apologize for the sudden disruption if you did not receive prior notification.

Example Email:

What Should I Do? 

If you need immediate access to your email or calendar, you may log into outlook.office.com. To remedy the issue on your affect application, review the questions below.  You will need to update your apps on your computer, phone, tablets, or other mobile devices as necessary to stay connected.

• Are you using the iOS Mail app or running iOS 11 or older on your Apple iPhone or iPad? 
  • Update your device to the latest version of iOS (12 or newer) or switch your mail app to Outlook for iOS.
  • If you plan to continue using iOS Mail, you should delete and re-add your mail and calendar account to use a more secure sign-in method. 
• Are you using an Android device?
  • We recommend switching your mail app to Outlook for Android.
  • Many Android mail apps do not support Microsoft's modern authentication.
• Are you using Thunderbird?
  • Update your Thunderbird to version 77.0b1 or later and update your settings.
• Are you using Linux?
  • Please see this article for information on the Evolution Mail Client which support Microsoft 365 and modern authentication.
• Are you reading your email with Outlook 2013 or older on your computer?
  • Upgrade to the latest version of Office for Windows Desktop or Office for macOS.
  • If an updated version is not available, we recommend using Outlook on the Web.
• Are you using MacMail on an Apple computer running MacOS 10.13 (High Sierra) or older? 
  • If you own your device, upgrade to the latest version of MacOS available to you (Mojave or newer).
  • If you are using a university-owned computer, contact IT before attempting to upgrade your MacOS (univerisity-owned computers should not upgrade to Big Sur at this time).
  • If an upgrade to at least Mojave (10.14) or newer is not available to you, we recommend using Office for macOS or Outlook on the Web.
• Are you connecting to your email or calendar using IMAP/POP?
  • This includes mail and calendar applications that use basic authentication in combination with POP, IMAP, or Exchange ActiveSync, such as Thunderbird, Eudora, PINE, and the current POP version of Gmail's "Check mail from another account" feature.
  • Check to see if your application's developer offers an updated version that supports modern authentication.
  • If an updated version is not available, we recommend switching to the latest version of Outlook or using Outlook on the Web.
• Do you use more than one way to access your email and calendar?
  • You may need to take different steps for each device or application you use. 

Why is OU IT Making this Change? 

Based on Microsoft's recommended best practices, this change will improve our cybersecurity posture system-wide by enabling multi-factor authentication for all OU email access. This change will also allow us to expand Microsoft 365 use to all University missions system-wide, including our Healthcare components.