Legacy Authentication Applications and Protocols


Legacy Authentication is a term used by Microsoft to refer to older and less secure methods of authenticating to Office 365 and Azure for services. Most of the time it is from an older and less secure email client. The following options are considered legacy authentication protocols:

  • Authenticated SMTP
  • Autodiscover
  • Exchange ActiveSync
  • Exchange Online Powershell
  • Exchange Web Services
  • IMAP4
  • MAPI over HTTP
  • Offline Address Book
  • Outlook Anywhere
  • Outlook Service
  • POP3
  • Reporting Web Services


Below is a list of known applications which uses legacy authentication:

  • Outlook 2013 without special settings enabled
  • Outlook 2010 or earlier
  • Mac Mail on Mac OS 10.13 or earlier
  • Thunderbird
  • Eudora
  • Pine
  • Android Touchdown
  • Android BlueMail
  • Any client application on iPhone 5 and lower (can use browsers to OWA)
  • Any client application on iPad 4th generation and lower (can use browsers to OWA)
  • Mail on iOS 10 or lower
  • Any client application on Chromebooks (can use browsers to OWA)
  • Most IMAP4 or POP3 clients
  • Exchange Online PowerShell module

Although Legacy Authentication is disabled, you will still be able to access your email through the web browser or the Outlook mobile app for Android or iOS. Please follow the two links below to download the Outlook mobile app. 

Outlook for iOS

Outlook for Android

Please contact securiy@bridgew.edu if you have any questions.



Article ID: 137770
Tue 9/14/21 10:12 AM
Wed 8/23/23 11:14 AM