Email: The End of Basic Authentication?
The End of Basic Authentication and TopView Email Notification
Many email services and IT departments are ending support for email clients that use “basic authentication”. TopView customers affected by these changes will need to upgrade to a version of TopView that supports modern authentication.
What is Basic Authentication?
Basic Authentication is the common authentication method of providing a username and password.
If you’ve ever manually configured an email client (SMTP/IMAP/POP), you probably configured it using “basic authentication”.
For example, when configuring outgoing email (SMTP) you may have entered the
- SMTP host name or IP address
- Port number
- Username/email address
With basic authentication, the application transmits the user name and password to the server. If the username/password is valid, the server grants the application access to the service.
Even if the transmission is encrypted, basic authentication is considered unsafe since an attacker can repeatedly try various passwords in an attempt to find the correct one. In addition, the password given to the application where it is stored or cached, with the possibility of someone gaining accessing to this password. Anyone who has access to the username/password may be able to access a resource that provides basic authentication.
What is Modern Authentication?
Many people are familiar with signing into an application by clicking “Sign in with your Microsoft account” or “Sign in with your Google account”. These are examples of modern authentication.
With modern authentication, you are granting an application access to specific parts of your account (e.g. the ability to send and read my email) without giving the application your password. Instead, the application is given a token that grants it access to the resources that you have allowed. The tokens have expiration dates (which can be renewed), and the account has the ability to revoke the token and therefore the application’s access to the resources.
A popular analogy for Modern Authentication is a keycard you may have as an employee of a company. The keycard gives you access to specific areas of the company (main entrance, your office or department), it can be restricted by time, and the keycard can be revoked if you leave the company.
Who is ending Basic Authentication?
With our TopView customers, we started seeing requests for modern authentication when IT departments informed their users that basic authentication would no longer be supported for email clients such as TopView. So even if the email provider had not ended basic authentication, IT was ending support for it due to security concerns.
In response, we started working on support for modern authentication for Microsoft and Google email services and released this as part of TopView v6.35 in January, 2021.
Even if your IT department is currently allowing basic authentication, both Microsoft and Google have announced the end of basic authentication for email clients, although the end dates have been delayed due to the pandemic.
Read more about Microsoft Email and Basic Authentication
Read more about Google Email and Basic Authentication
How do I enable Modern Authentication in TopView?
Modern Authentication is supported in TopView v6.35 and later for Google and Microsoft email services. This includes Gmail, Google Workspace/G Suite, Office365 and Outlook.com.
To enable Modern Authentication in TopView
- Launch the TopView Configurator
- Open your TopView configuration file (if it did not load automatically)
- From the left menu click “Email-SMS Notification” then [Configure]
- On the “Outgoing Email Settings” screen, click [Sign in with Google] or [Sign in with Microsoft]
- A browser will open and prompt you for your account credentials. Depending on the service, it may show you the requested permissions to the account
- Warning: you may need to check the box next to the permission to grant it (Google)
- Close the browser and return to the TopView Configurator