Microsoft has announced plans to deactivate Basic Authentication in Exchange Online accounts from 1st October 2022. The details can be found in Microsoft's article Deprecation of Basic authentication in Exchange Online.

This change affects Exchange ActiveSync and may impact a small number of Sophos Mobile customers. 


Exchange ActiveSync is used by many mobile applications to synchronize emails and can be configured to use Basic or Modern Authentication. New Microsoft 365 accounts have Basic Authentication disabled by default.

Customers with older Exchange Online accounts, or where Basic Authentication has been manually enabled, may be impacted by Microsoft’s change as any mobile apps configured to use Basic Authentication can no longer receive emails.

What to do

Customers using Basic Authentication in Exchange Online should switch to Modern Authentication to ensure continued access to emails. Details on how to perform these changes are available in this article: Sophos Mobile: Adjust email policies to use Modern authentication

If the Sophos Mobile Standalone EAS Proxy is setup and used in PowerShell mode, the configuration should also be adjusted. Details can be found in this article: Sophos Mobile Standalone EAS Proxy: Enable modern authentication for the PowerShell mode