Microsoft 365 – Modern Authentication

All You Need to Know Before the Transition!

In the Fall of 2022, Microsoft will require all connections to Microsoft 365 to use modern authentication, which is now the industry standard. This change is being implemented to provide increased security for Microsoft 365 accounts. Modern authentication is already available for Texas A&M University Exchange accounts, but some email clients may still be using basic authentication without issue. We recommend re-configuring your email client to use modern authentication as soon as you are able.

When is the Deadline to Switch to Modern Authentication?

The deadline for DSA and its departments to move to Modern Authentication is July 19, 2022.

What are basic and modern authentication?

Basic Authentication

In basic authentication, your email client sends your username and password to Microsoft 365. It then forwards your username and password to TAMU’s log-in service. The log-in service verifies your credentials and returns an authentication token to Microsoft 365. If the authentication was successful, your email client will then be connected to Microsoft 365.

Modern Authentication

In modern authentication, your username and password are not sent to Microsoft 365. Instead, you are directly taken to the TAMU login page (CAS). After entering your NetID and password, you will verify your login using NetID Two-Factor Authentication (Duo).

Why Basic Authentication is Less Secure

There are two primary reasons why basic authentication is less secure than modern authentication.

Basic authentication is not protected by two-factor authentication (Duo), so compromised credentials can be used to access your email and send email from your account.
Basic authentication can be used to verify username and password combinations through techniques such as credential stuffing, brute force, and password spray attacks. If one of these techniques is successful, then the credentials can be used to access other systems.

What mail clients support modern modern authentication?

Download links for some common mail clients that support modern authentication are listed below. Even though these mail clients support modern authentication, they may currently be using basic authentication. Instructions to verify that your mail client is configured to use modern authentication are in the next section.

Outlook on the web
Outlook for Windows (2016 or newer)
Outlook for macOS (2016 or newer)
Outlook App for Android
Outlook App for iOS version 10.x and greater
Mail app on iOS 11.x+
Mail app on macOS 10.14 (Mojave) and later
Gmail app on Android 8.0 and later
Thunderbird app version 77.0b1 or later
Alpine/Pine for Linux/*nix

How do I reconfigure my email client to use modern authentication for exchange?

The easiest way to reconfigure your client and verify it is using modern authentication is to remove your Texas A&M email account from your device and then re-add it.

Instructions for the most common email clients are below.