Knowledge Base

How the deprecation of Basic authentication in Microsoft 365 affects CodeTwo Backup

Problem:

You would like to know if the retirement of Basic authentication impacts CodeTwo Backup’s ability to access and back up various data in Microsoft 365 such as mailboxes, public folders, SharePoint sites, OneDrive sites, etc.

Solution:

Exchange Online in Microsoft 365

Microsoft started the process of disabling Basic authentication in Exchange Online on October 1, 2022. The process is planned to finish in early January 2023 when Modern authentication (OAuth 2.0) becomes the only choice available.

The latest versions of our backup solution (2.3.x and newer) support Modern authentication (MFA, 2FA). This means that CodeTwo Backup will continue to back up your mailboxes and public folders even when Basic authentication is permanently disabled in Exchange Online.

CodeTwo Backup supports any Modern authentication method, including the Microsoft Authenticator app. When configuring a connection to your tenant (Exchange Online), you can either:

  • use the global admin account (also with MFA enabled) of your Microsoft 365 tenant to automatically register our application in the tenant’s Microsoft Entra ID (Azure Active Directory), or
  • register CodeTwo Backup manually in your Entra ID (Azure AD), and then provide the registration details in the Exchange connection configuration wizard (learn more).

Either way, once the registration is completed, CodeTwo Backup will appear on the Enterprise applications list in Entra ID. The application will be assigned permissions to access the data to be backed up and a unique certificate (or client secret) that allows to securely authenticate CodeTwo Backup by means of a token (OAuth 2.0 authorization).

SharePoint/OneDrive for Business in Microsoft 365

Changes in Exchange Online (the Basic authentication retirement) do not impact SharePoint Online (and OneDrive for Business). CodeTwo Backup uses the SharePoint API which makes use of the legacy authentication protocols. Microsoft isn’t planning to disable them in the nearest future, so you will still be able to back up and restore SharePoint/OneDrive data.

Still, despite those limitations imposed by the SharePoint API, CodeTwo Backup offers you an extra layer of security when configuring a connection to SharePoint Online that combines OAuth 2.0 and app password (learn more). Thanks to that, accessing SharePoint/OneDrive data from our software remains secure.

Keep in mind, however, that enabling the Security defaults (as recommended by Microsoft) automatically disables all legacy protocols (including app passwords), which will make it impossible for CodeTwo Backup to access SharePoint (and OneDrive for Business) data. Learn more

Troubleshooting

If you should experience any problems related to accessing data in Microsoft 365 with our backup software, make sure you’re using the latest version of CodeTwo Backup and perform the update if necessary. Also, feel free to contact our Customer Success Team if you have any further queries.

Was this information useful?