Basic Authentication Transition Guidance: IMAP, POP, Authenticated SMTP

The following operating system versions and email applications support Modern Authentication.

Device Type Operating System Version Email Application
Windows 8.0 or later Outlook 2016
Outlook 2019
Outlook – Office 365
Windows 10 Mail
Thunderbird V78 or later
Mac 10.14 or later Apple Mail
Outlook 2019 for Mac
Outlook for Mac – Office 365
10.13 or earlier Thunderbird v78 or later
iOS (iPhone, iPad) 11.3.1 or earlier Apple Mail
Outlook for iOS
Android 8.0 or later Outlook for Android
Linux Outlook on the web

The correct settings for all email programs are shown below:

  • Incoming: IMAP4 Server Hostname: outlook.office365.com Port: 993 TLS Authentication: Oauth2
  • Incoming: POP3 Server Hostname: outlook.office365.com Port: 995 TLS Authentication: Oauth2
  • Outgoing: SMTP Server Hostname: smtp.office365.com Port: 587 STARTTLS Authentication: Oauth2

IMAP, POP, Authenticated SMTP: These older email retrieval and sending protocols are used by a wide range of email programs on Windows PCs, macs, and mobile devices. The most commonly used ones are shown in the modern authentication compatibility matrix above. While these protocols are capable of using modern authentication, in your case, they are not currently configured to do so since your email client app was originally set up to use basic authentication.

Fix: It is important to understand that you must be using a supported combination of OS and email program. The supported combo must be configured to use modern authentication if it is currently using basic authentication. In general, you will first need to determine if the OS and app combo is compatible with modern authentication. If it is, you will need to remove the email account, delete saved email account credentials (from within the Control Panel’s Credentials Manager in Windows, or from within the Keychain Access program in MacOS), then re-add the email account and do the initial 2FA Duo login. If the OS/app combo does not support modern authentication, then you will need to find a combo that does. In that case, please contact SSCS for help. If you are an Outlook 2019 or 365 user whose account is configured using the POP or IMAP protocol, you’d just need to follow the above instructions to delete your account and re-add it as an Exchange account. If you’d like to continue using the POP or IMAP protocol, you can download and install the Thunderbird email program, which supports these older protocols using modern authentication.

As an alternative, you can always access email via the web: https://outlook.office365.com/

Step by Step Instructions

Windows Users

  1. Outlook
    • Open Outlook
    • File > Account Settings > Account Settings…
    • Delete Account
    • Go to the Credentials Manager in the Control Panel and click the Windows Credentials tab
    • Delete the saved Outlook credentials
    • Go back to Outlook and re-add your account, doing the initial 2 factor authentication.
  2. Thunderbird

The end of Basic Authentication particularly affects Thunderbird users whose Thunderbird program was configured to get U of C email prior to November 2020. Thunderbird has only recently supported “modern authentication.” Prior to that, Thunderbird was capable only of basic authentication. If your Thunderbird was set up prior to November of 2020, you will need to change your email’s authentication method using the instructions below.

  • Open Thunderbird
  • Click Account Settings in the menu > select your uChicago email > click ‘Server Settings’ > select ‘Oauth2’ from the dropdown menu next to ‘Authentication method’
  • Close Thunderbird
  • Reopen Thunderbird and complete Duo 2 Factor Authentication.

NOTE: if you’re using IMAP, Thunderbird will need to re-download the contents of all mail folders, so you should leave Thunderbird open for a good while so that it fully syncs up with the server.

Please feel welcome to contact SSCS for help configuring your email.

Mac Users

  1. Outlook
    • Open Outlook
    • Click Outlook in the main menu and select Preferences… from the dropdown
    • Click Accounts
    • Click the minus sign in the lower left corner
    • Confirm that you want to delete the account
    • Quit Outlook
    • Open Keychain Access (/Applications/Utilities)
    • Do a keyword search within Keychain Access for Exchange
    • In the search results, select each item to view the Account that’s listed at the top, and then press Delete. Repeat this step to delete all items for your Exchange account
    • Do a keyword search for adal
    • Select all items whose type is MicrosoftOffice15_2_Data:ADAL:, and then press Delete
    • Do a keyword search for office
    • Select the items that are named Microsoft Office Identities Cache 2 and Microsoft Office Identities Settings 2, and then press Delete
    • Open Outlook
    • Click Outlook in the main menu > Preferences… > Accounts > Add Email Account > type your full UChicago email and complete the initial 2 factor authentication
  2. Apple Mail
    • Open System Preferences > click Internet Accounts
    • Select your uChicago account > click the minus sign (-) in the lower left hand corner
    • Click OK to confirm the deletion
    • Click the plus sign in the lower left corner and then click Exchange
    • Enter your uChicago credentials and complete the 2 Factor Authentication
  3. Thunderbird
    • Open Thunderbird
    • Click Account Settings in the menu
    • Select your uChicago email > click ‘Server Settings’ > select ‘Oauth2’ from the dropdown menu next to ‘Authentication method’
    • Next, you will remove the passwords saved to your Thunderbird. Click Thunderbird in the main menu and select Preferences from the dropdown
    • Select the ‘Privacy & Security’ tab > click ‘Saved Passwords…’
    • Click Saved Passwords… > delete your saved email passwords
    • Quit and reopen Thunderbird
    • Enter your uChicago credentials in the window pop up and complete 2 Factor Authentication