Microsoft and basic authentication - personal outlook accounts

We have received numerous reports concerning free personal Microsoft email accounts – those with domains containing Outlook, Hotmail, Live, WindowsLive, Msn, and various regional variations these email accounts have had over the years. Therefore, we would like to address the situation.

Microsoft declared their intention to end direct password login (including app passwords) a few years ago, but they did not enforce this on all their servers simultaneously. This means that, for some accounts, direct password login was still available for free Outlook accounts that were set up with the Exchange Web Services protocol.

However, it appears that Microsoft is now catching up and updating security on their “forgotten” servers. Consequently, users are encountering the login window pop-up, but using the same correct password will no longer work. We cannot prevent this change, and once the mail server starts rejecting the credentials, we cannot reactivate the same account setup.

Our statement on our blog still applies; you can read it here if you need tips on how to set up your mail account anew:

Some users have inquired about how their accounts can work in Windows Mail and Microsoft Outlook if the issue is not with eM Client. Microsoft does not use the EWS protocol for their own mail apps. They have a proprietary protocol exclusive to them, allowing them to synchronize more settings and features than they permit for other external apps to maintain their advantage.

While we would like to provide a workaround, if the mail server refuses to connect via a specific protocol or login method, especially if they have declared the intention not to support this login method in the future, there is no point in trying to use it. We cannot “reactivate” the use of the EWS protocol for personal Microsoft emails because OAuth for Exchange is not allowed for these accounts, and direct password login is forbidden.

Mailbird and other external mail apps that were using the EWS protocol the same way as we do, will experience the same behaviors over time; it just depends on when Microsoft “gets around” to changing the security in the mail server where your account is stored.

As we explained in our article, we would love to provide a dependable workaround, but other than using IMAP connection, which is the only setup for free Microsoft accounts that can use OAuth, there is none at this point.